I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
CULDWNF.EXE – Fake Antivirus FakeVimes removal
| File | MD5 | Virus Alias |
|---|---|---|
| CULDWNF.EXE | 01e5c61c5c224a8cf2936747e68bfaf3 | Fake Antivirus FakeVimes |
| CULDWNF.EXE | 01e5c61c5c224a8cf2936747e68bfaf3 | Trojan Click |
| CULDWNF.EXE | 01e5c61c5c224a8cf2936747e68bfaf3 | Trojan Eldorado |
| CULDWNF.EXE | 01e5c61c5c224a8cf2936747e68bfaf3 | Trojan Downloader |
| CULDWNF.EXE | 01e5c61c5c224a8cf2936747e68bfaf3 | Trojan Adload |
| CULDWNF.EXE | 01e5c61c5c224a8cf2936747e68bfaf3 | Trojan Agent |
CULDWNF.EXE size: 773632 bytes
CULDWNF.EXE hash: 01E5C61C5C224A8CF2936747E68BFAF3
Created files:
%SysDir%\BSJBULC.DLL
%SysDir%\CULDWNF.EXE
%SysDir%\IZQHZQHYQH.DLL
%SysDir%\LBTKTICTMEZ.AAB
%SysDir%\ma8gPDyg.dll
%SysDir%\TKBSKBSKBTKBSJ.OKC
%SysDir%\XPHZS.DLL
%SysDir%\YQIARJ.DLL
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\ServerPanle\Type: 10010000
HKLM\System\CurrentControlSet\Services\ServerPanle\Start: 02000000
HKLM\System\CurrentControlSet\Services\ServerPanle\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ServerPanle\DisplayName: WinServerPanle
HKLM\System\CurrentControlSet\Services\ServerPanle\ImagePath: %WinDir%\System32\CULDWNF.EXE
Detected by UnHackMe:
CULDWNF.EXE
Default location: %SYSDIR%\CULDWNF.EXE
Dropper information:
MD5: 1e3a4d1102073e5c93d90789b5211e71
File size: 804352 bytes