Home / Spyware Encyclopedia / IM.BadBoy << Back

Recommendation to Automatically remove IM.BadBoy


Our products can remove IM.BadBoy and thousands of other Virus and Spyware automatically and instantly.

IM.BadBoy Details


  • Category IM
  • Discovered 10/22/2013 7:53:24 AM
  • Modified 6/25/2020 12:12:20 PM
  • Threat Level Critical
  • Category Description
    A threat that is capable to cause Denial-Of-Service attacks against other instant messenger client systems.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
ntlcss.exe 59813rajeh1.0.0.032e20e477c1092fa86ec3a693daf16e5 
Trojan-Dropper.Win32.Small.abe.dll 352256 1.0.0.15300f1d290dff19b038db935d75fd8c4 
w11150.exe 86016 1.0.0.11bdc48accfc7afc69391b0698bc7154a 
Trojan-Dropper.Win32.Small.abh.exe 28160  f1c477e7218f067709a672556b7446ab 
winlogon32.dll 4096  eeeb593526585fb618ddee7065310507 
perfcl.exe 200704  d122387d926ea2b6cace057d5a95ac6f 
w11150.exe 146518  bf7710a070b2b9348799c0b6e7633ff5 
djtopr1150.exe 32667  bdc1886210a68e8a2758ad786869cd5b 
webrebates2.dll 135168  b1ae9a80a0da6767a672170702a33ae4 
Trojan-Dropper.Win32.Small.abs.exe 187392  aa4d3337d7a3c4848d8a55af62322cf6 

The following Registry Entries were created:
..\Software\local appwizard-generated applications\Help_me\(Default)
..\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\"SvcSys"\"{ECD59ADC-677F-46A0-AD72-B65A512EBE8A}"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"WebRebates0"\"%PF%\Web_Rebates\WebRebates0.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"PerformCl"\"%DAS.AU.LS%\Temp\perfcl.exe"
..\Software\Classes\Clsid\{ECD59ADC-677F-46A0-AD72-B65A512EBE8A}\(Default)
..\Software\Microsoft\Windows\CurrentVersion\Run\\"webrebates"\""%PF%\WebRebates4\webrebates.exe""
..\Software\Microsoft\Internet Explorer\Toolbar\\"CLSID"\"{B75F75B8-93F3-429D-FF34-660B206D897A}"
..\Software\Microsoft\ACTIVE SETUP\INSTALLED COMPONENTS\{5Y99AE78-58TT-11DW-BE53-Y67078979Y}\(Default)
..\Software\zsearchco\(Default)
..\Software\Classes\ztoolbar.stockbar.1\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.