Home / Spyware Encyclopedia / IM.Shock << Back

Recommendation to Automatically remove IM.Shock


Our products can remove IM.Shock and thousands of other Virus and Spyware automatically and instantly.

IM.Shock Details


  • Category IM
  • Discovered 10/27/2012 8:40:32 AM
  • Modified 7/14/2023 12:16:21 PM
  • Threat Level Medium
  • Category Description
    A threat that is capable to cause Denial-Of-Service attacks against other instant messenger client systems.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
BTRS.EXE 70144betterinternet, inc.1.0.0.12699cacb599b7c9f605bf5f9acb8dc161 
xhrmy.exe 180224 1.0.0.1e58e15f7301e37924ba29d5a20a4c058 
Trojan-Dropper.Win32.Small.tz.dll 196608 1.0.0.1d85e4339b996a0146661efd16e0f8e53 
hlinstaller3.exe 104784  ff1e2f1eedd5a15c432b898b1f27fe76 
0c12ab5dd45fc40544cf364377cf37ad.vxe.exe 98304AciDProds1.00.00220c12ab5dd45fc40544cf364377cf37ad14/07/2023
energyplugin.exe 36112  a5906978ebed809bcbf67be64ecf39be16/07/2020
0c12ab5dd45fc40544cf364377cf37ad.vxe.exe 98304AciDProds1.00.00220c12ab5dd45fc40544cf364377cf37ad 
TROJAN-DROPPER.WIN32.SMALL.UE.EXE 14336  06cfc4761f2b01aa269277ab29958dbb 
TROJAN-DROPPER.WIN32.SMALL.UN.EXE 33040  2998784f9c7a045833c629d125494f5e 
energyplugin.exe 36940  2aa1ad0a4bc8b49a8a7f39cdc86b35e0 

The following Registry Entries were created:
..\Software\Microsoft\Internet Explorer\new windows\allow\"69.28.210.175"
..\Software\Microsoft\Windows\Shell\"MRU"\"3763557716"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"MSN Messenger"\"%WIN.SYS32%\msmsgs.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"xhrmy"\"%WIN%\Xhrmy.exe"
..\Software\Classes\Clsid\{A25F1650-96EB-4C59-BA6D-3E26921151AB}\(Default)
..\Software\Microsoft\Windows\Shell\"MRUData"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"sp"\"rundll32 %DAS.AU.LS%\Temp\se.dll,DllInstall"
..\Software\Microsoft\Windows\CurrentVersion\policies\explorer\run\"notepad.exe"\"msmsgs.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"EnergyPlugIn"\"%PF%\EnergyPlugIn\EnergyPlugin.exe"
..\Software\xhrmy\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.