Articles > Malware
This is a google redirection virus.
Extremely dangerous and loads from:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs.
Injects itself into processes at random and killing a process just makes it inject into another process. it even injected into process explorer.
Removal instructions:
Boot into safe mode.
Use autoruns to remove the startup entry.
delete the .exe file.
Virus total link:
https://www.virustotal.com/file/30f21539c796c7800b157f21bff3a677f29918322bfaf7ebb92afe7a75240454/analysis/1332821007/
Virus total detection names:
appconf32.exe virus / malware / trojan - google redirect virus
Last Updated: 3/26/12This is a google redirection virus.
Extremely dangerous and loads from:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs.
Injects itself into processes at random and killing a process just makes it inject into another process. it even injected into process explorer.
Removal instructions:
Boot into safe mode.
Use autoruns to remove the startup entry.
delete the .exe file.
Virus total link:
https://www.virustotal.com/file/30f21539c796c7800b157f21bff3a677f29918322bfaf7ebb92afe7a75240454/analysis/1332821007/
Virus total detection names:
| AhnLab-V3 | - | 20120326 |
| AntiVir | TR/Kazy.isd | 20120327 |
| Antiy-AVL | Trojan/Win32.Menti.gen | 20120327 |
| Avast | Win32:Crypt-LYV [Trj] | 20120326 |
| AVG | Generic27.AXTM | 20120326 |
| BitDefender | Gen:Variant.Kazy.62042 | 20120327 |
| ByteHero | - | 20120326 |
| CAT-QuickHeal | - | 20120327 |
| ClamAV | - | 20120327 |
| Commtouch | - | 20120327 |
| Comodo | - | 20120327 |
| DrWeb | - | 20120327 |
| Emsisoft | Trojan-Dropper.Win32.Pakes!IK | 20120327 |
| eSafe | - | 20120326 |
| eTrust-Vet | - | 20120326 |
| F-Prot | - | 20120327 |
| F-Secure | Gen:Variant.Kazy.62042 | 20120327 |
| Fortinet | - | 20120327 |
| GData | Gen:Variant.Kazy.62042 | 20120327 |
| Ikarus | Trojan-Dropper.Win32.Pakes | 20120327 |
| Jiangmin | Trojan/Generic.zsxx | 20120326 |
| K7AntiVirus | - | 20120326 |
| Kaspersky | Trojan.Win32.Menti.muio | 20120327 |
| McAfee | - | 20120327 |
| McAfee-GW-Edition | - | 20120326 |
| Microsoft | - | 20120326 |
| NOD32 | a variant of Win32/Kryptik.ACVS | 20120327 |
| Norman | - | 20120326 |
| nProtect | - | 20120326 |
| Panda | - | 20120326 |
| PCTools | - | 20120326 |
| Prevx | - | 20120327 |
| Rising | - | 20120326 |
| Sophos | Mal/Cleaman-B | 20120327 |
Keywords: appconf32.exe virus malware removal instructions firefox chrome crash