I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
FNDFST32.EXE – Trojan Crypt removal
| File | MD5 | Virus Alias |
|---|---|---|
| FNDFST32.EXE | 71ac1dfbdf97ba991326bc0e88b8376d | Trojan Crypt |
| FNDFST32.EXE | 71ac1dfbdf97ba991326bc0e88b8376d | Trojan Generic |
| FNDFST32.EXE | 71ac1dfbdf97ba991326bc0e88b8376d | Trojan Xema |
| FNDFST32.EXE | 71ac1dfbdf97ba991326bc0e88b8376d | Trojan Comame |
| FNDFST32.EXE | 71ac1dfbdf97ba991326bc0e88b8376d | Trojan PAM |
| FNDFST32.EXE | 71ac1dfbdf97ba991326bc0e88b8376d | Trojan Agent |
FNDFST32.EXE size: 185946 bytes
FNDFST32.EXE hash: 71AC1DFBDF97BA991326BC0E88B8376D
Created files:
C:\Windows\Help\intret.cnt
C:\Windows\Syssrc32.exe
C:\Windows\System\applets.exe
C:\Windows\System\Explorer.exe
C:\Windows\System\fndfst32.exe
C:\Windows\System\mplayerw.exe
C:\Windows\System\Sysexp32.exe
%Temp%\1D87B2.dmp
Autostart registry keys:
HKLM\Software\Classes\txtfile\shell\open\command\Explore: %SystemRoot%\System32\NOTEPAD.EXE %1
HKLM\Software\Classes\txtfile\shell\open\command : C:\Windows\System\Sysexp32.exe %1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\System applets: C:\Windows\System\applets.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Syssrc32: C:\Windows\Syssrc32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\fndfst32: C:\Windows\System\fndfst32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Explorer Shell: C:\Windows\System\Explorer.exe
Detected by UnHackMe:
FNDFST32.EXE
Default location: %WinDir%\SYSTEM\FNDFST32.EXE
Dropper information:
MD5: 64092b65d2cd79275aa4f8354c7b99f0
File size: 184918 bytes