Jump to content

Search the Community

Showing results for tags 'ivaljsim'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 2 results

  1. If anyone is running PokerStars.net on their PC, they have installed a hack that will run in the background even when your not running Pokerstars. It will open 2 sessions of Internet Explorer in the background and send them information without your knowledge. If you run HiJackThis you will see one of the hack softwares ivaljsim which needs to be removed. There are 2 pieces to this. ivaljsim.exe and vpknu.exe which they put into "Application Data\Microsoft\Ivaljsim\ivaljsim.exe" and "Application Data\Microsoft\vpknu\vpknu.exe". These need to be removed as well in safemode. You will also need to eliminate the entries it puts in your register. I removed the Pokerstars software as well. I had to use HitmanPro to find it. I manually eliminated it from all of the places but everything looks good now.
  2. Has anyone run across this yet? This keeps getting back into my system after I have gone through and cleaned it out from top to bottom. Malwarebytes will not detect it but I was able to find it with Hitman Pro. What it does is run ivaljsim.exe and starts up 2 sessions of iexplorer in your task manager sending who knows what... I ran Hijackthis and found this which I cleaned up as well. O4 - HKCU\..\Run: [jgyoludb] "C:\Documents and Settings\Larry Williams\Application Data\Microsoft\Ivaljsim\ivaljsim.exe" The Trojan is that one as well as: O4 - HKCU\..\Run: [jgyoludb] "C:\Documents and Settings\Larry Williams\Application Data\Microsoft\vpknu\vpknu.exe" I searched google for all of this and came up with nothing. I can't seem to find where this keeps getting in... After I clean it up, it's fine for a couple of hours, then right back again. hijackthis.log
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.