Description of trojan wuaucdlt.exe
This malware runs a process "wuaucdlt.exe" at Windows startup, once the malware is active, it will redirect search result, download other malware and produce advertisement popups.
Objects of trojan wuaucdlt.exe
Registry Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ACCESNT
Registry Value:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run:bofabotxx.exe=C:\bofabotxx.exe\bofabotxx.exe
File:
C:\Windows\System32\wuaucdlt.exe
C:\Windows\System32\updata.exe
%UserProfile%\Local Settings\Temp\jrhk5r3.exe
C:\Windows\System32\drivers\accesnt.sys
C:\bofabotxx.exe\bofabotxx.exe
Folder:
C:\bofabotxx.exe
use any ADWARE removing tool for getting rid of it
On Fri, Mar 25, 2011 at 2:35 PM, M.Azeem Inayat <mazm.786@gmail.com> wrote:
AOA to all
please send me any tool or guide me that how to remove wuaucdlt.exe from my system. I have format my "c" drive many time but not remove. After every format when i run internet then activated again even i open only Vu site. After activation, it runs many processes and use my system resources at 100% and I can't access any folder or file. After restarting of system, it happens again and again.............. I don't want to format my complete hardrive because of very important data.
--
Thanks and Regards:
MUHAMMAD Azeem Inayat
--
You received this message because you are subscribed to the Google Groups "Virtual University of Pakistan" group.
To post to this group, send email to discussion_vu@googlegroups.com.
To unsubscribe from this group, send email to discussion_vu+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/discussion_vu?hl=en.
--
You received this message because you are subscribed to the Google Groups "Virtual University of Pakistan" group.
To post to this group, send email to discussion_vu@googlegroups.com.
To unsubscribe from this group, send email to discussion_vu+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/discussion_vu?hl=en.
No comments:
Post a Comment