Home / Spyware Encyclopedia / IM.GhostToolz << Back

Recommendation to Automatically remove IM.GhostToolz


Our products can remove IM.GhostToolz and thousands of other Virus and Spyware automatically and instantly.

IM.GhostToolz Details


  • Category IM
  • Discovered 5/14/2005 12:00:00 AM
  • Modified 1/19/2010 3:19:58 PM
  • Threat Level Medium
  • Category Description
    A threat that is capable to cause Denial-Of-Service attacks against other instant messenger client systems.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
bi.dll 151552BETTER INTERNET, INC.0.0.4.1978de1ce7c1e214dfbe4d71888382f5e0 
bi.dll 151552Better Internet, Inc.0.0.4.18d01c2586fcd825d3e10c892051f2899a 
bi.dll 147456better internet, inc.0.0.4.175676faa0895057a0e4128953ae610283 
bundle.exe 44032-1.1.1.124a12f5cc77436d6286b04dc38c167b23 
bundle.exe 42496-1.1.1.1112b77b012ec72a0dfdc311b0f46de641 
bundle.exe 90112-1.1.1.10d61a956c596e887ada4cf148c8e045e4 
Trojan-Dropper.Win32.Small.gv.dll 164864 1.0.0.17b45e4657e667e66d0e570dbbc10f4f0 
sahagent1019.exe 55217  8c947e1d5f8872596ca6d6032eba7c6c 
biprep.exe 45056  278ef801aed8d8a5620900b687e0590f 
Trojan-Dropper.Win32.Small.gx.exe 11776  01a8e6616bbd46a0929f9affb2c6b4de 

The following Registry Entries were created:
..\Software\Microsoft\Windows\CurrentVersion\Run\\"SAHBundle"\"%DAS.AU.LS%\Temp\bundle.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Services Process"\"%WIN.SYS32%\config\services.exe"
..\Software\Dbi\(Default)
..\Software\vgroup\(Default)
..\Software\Classes\vx2.vx2obj\(Default)
..\Software\Classes\bidll.bidllobj.1\(Default)
..\Software\Microsoft\Windows\CurrentVersion\Uninstall\dbi\(Default)
..\Software\Classes\Typelib\{690bccb4-6b83-4203-ae77-038c116594ec}\(Default)
..\Software\Classes\Typelib\{53f066f0-a4c0-4f46-83eb-2dfd03f938cf}\(Default)
..\Software\Classes\Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A}\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.