How to remove 2nuk.com

CRC32: 4F24DA1D
MD5: 864D52CB2BEC69289C0462B9EC31CA4D
SHA-1: 27F4A4C75BD8621F1E4E62BC2C2C7EE1BDD4E433
================================================

Create fileC:\WINDOWS\system32\olhrwef.exe
C:\WINDOWS\system32\nmdfgds0.dll
C:\WINDOWS\system32\drivers\cdaudio.sys (new)
X:\2nuk.com
X:\autorun.inf

Delete file
C:\WINDOWS\system32\drivers\cdaudio.sys (delete)

Keys addedHKLM\SYSTEM\ControlSet001\Services\AVPsys
HKLM\SYSTEM\ControlSet001\Services\AVPsys\Security
HKLM\SYSTEM\ControlSet001\Services\AVPsys\Enum
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\Security
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\Enum

Values added
HKLM\SYSTEM\ControlSet001\Services\AVPsys\Enum\Count: 0x00000000
HKLM\SYSTEM\ControlSet001\Services\AVPsys\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\ControlSet001\Services\AVPsys\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\ControlSet001\Services\AVPsys\Type: 0x00000001
HKLM\SYSTEM\ControlSet001\Services\AVPsys\Start: 0x00000003
HKLM\SYSTEM\ControlSet001\Services\AVPsys\ErrorControl: 0x00000001
HKLM\SYSTEM\ControlSet001\Services\AVPsys\ImagePath:
"\??\C:\WINDOWS\system32\drivers\cdaudio.sys"
HKLM\SYSTEM\ControlSet001\Services\AVPsys\DisplayName: "AVPsys"
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\Enum\Count: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\Enum\NextInstance: 0x00000000
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\Enum\INITSTARTFAILED: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\Type: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\Start: 0x00000003
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\ErrorControl: 0x00000001
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\ImagePath: "\??\C:\WINDOWS\system32\drivers\cdaudio.sys"
HKLM\SYSTEM\CurrentControlSet\Services\AVPsys\DisplayName: "AVPsys"

Values ModifilesHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Folder\Hidden\SHOWALL\CheckedValue: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden: 0x00000002
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
ShowSuperHidden: 0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
NoDriveTypeAutoRun: 0x00000091

Advertisement

Antivirus Rescue CD

Update :Virus Database Offline

Malware-Fighting Utilities

Multi AV Scan

Label

Eset NOD32 Threats

How to remove 2nuk.com