The file WNDHOOK.DLL is malware related.
You must delete the file WNDHOOK.DLL immediately!
Delete the file WNDHOOK.DLL without delay!
Kill the process WNDHOOK.DLL and remove WNDHOOK.DLL from the Windows startup.
Malware Analysis of WNDHOOK.DLL
Full path on a computer: %SysDir%\Com\1.2.8\WndHook.dll
Detected by UnHackMe:
WNDHOOK.DLL
Default location: %SysDir%\Com\1.2.8\WndHook.dll
Removal Results: Success
Number of reboot: 1
WNDHOOK.DLL is known as:
Trojan.Agent.167936.GJ, Trojan.Agent.cymz, Trojan.Agent.cw8PeloVWik, probably a variant of Win32.Agent.VOB, W32.Trojan2.MCPJ, Agent.TFUP, Mal.Agent-CF, TR.Agent.cymz, Trojan.Agent, Trojan.Agent.daav, Trojan.Orsam.rts, Trojan.Agent.167936.Z, Win-Trojan.Agent.167936.FV, Trojan.PSW.Undef.bii, Agent2.AEZM
WNDHOOK.DLL hash:
- MD5: 0cac9c36b10945fec5f4d230908981e6
The file tries to download information from some web sites.
How to quickly detect WNDHOOK.DLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\mysys:”%Program Files%\Outlook Express\SOUNDMAN.EXE”
Folders:- %SysDir%\Com\1.2.8
Files:- %Program Files%\Outlook Express\httpapi.dll
- %Program Files%\Outlook Express\SOUNDMAN.exe
- %SysDir%\Com\1.2.8\WndHook.dll
- %SysDir%\Com\Config.cfg
- %SysDir%\domspring.dat
- %SysDir%\mprmsgse.axp
- %SysDir%\somarshal.dat
Recommended: UnHackMe anti-rootkit and anti-malware
Premium software: RegRun Security Suite (Good choice for removal and protection)