NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove Hidexls. Description and removal instructions

 
Title: Hidexls
Type: Trojans
Severity scale:Hidexls severity is 46  (46 / 100)
 
Hidexls is a trojan that hides all Microsoft Excel documents on the C: drive. It also disables Registry Editor and Command Prompt. Furthermore, the parasite hides Search and Run tools, modifies some system settings and turns off displaying of hidden files. Hidexls secretly runs on every Windows startup. It can also run in Windows Safe Mode.

FORUM:
Discuss Hidexls in
spyware removal forum

Related files: data uang.exe, excel optimise.exe, isassi.exe, keuangan.exe, system32.exe, msvbvm60.dll, autoexec.bat

Hidexls properties:
• Hides from the user
• Stays resident in background

Automatic Hidexls removal:

remover for Hidexls

Hidexls manual removal:

Kill processes:
data uang.exe, excel optimise.exe, isassi.exe, keuangan.exe, system32.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\mymoney
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\systemregistry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\systrays
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mymoney
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemregistry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systrays
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell=%System%\isassi.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\AlternateShell=%System%\isassi.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\AlternateShell=%System%\isassi.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableCMD=1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools=1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind=1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions=1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun=1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu=1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu=1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind=1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions=1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun=1
HELP:
how to remove registry entries

Delete files:
data uang.exe, excel optimise.exe, isassi.exe, keuangan.exe, system32.exe, msvbvm60.dll, autoexec.bat
HELP:
how to remove harmful files

Delete directories:
C:\WINDOWS\System32\Systim
C:\WINNT\System32\Systim
C:\WINDOWS\System32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
C:\WINNT\System32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
Misc:
Exact file location:
system32.exe - C:\WINDOWS\System or C:\WINNT\System
isassi.exe - C:\WINDOWS\System32 or C:\WINNT\System32
autoexec.bat - C:\Documents and Settings\[Current User]\Favorites
keuangan.exe - C:\Documents and Settings\[Current User]\My Documents
data uang.exe, excel optimise.exe - C:\Documents and Settings\[Current User]\Start Menu\Programs\Startup
msvbvm60.dll - C:\WINDOWS\System32\Systim or C:\WINNT\System32\Systim; C:\WINDOWS\System32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\System or C:\WINNT\System32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\System

Other programs to remove Hidexls:

• Malwarebytes Anti Malware - Review - Download
• Malwarebytes Anti Malware - Review - Download
• Windows Defender - Review - Download

Information added: 16/03/07
Information updated: 16/03/07

Additional resources related to Hidexls:

Attention: If you know or you have a website or page about Hidexls removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about Hidexls parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.