Solved! Use SYSTEM32.EXE (Trojan Banker) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

SYSTEM32.EXE – Trojan Banker removal

File MD5 Virus Alias
SYSTEM32.EXE 06f7daaf2a05d2b696933dde39ef95c1 Trojan Banker
SYSTEM32.EXE 06f7daaf2a05d2b696933dde39ef95c1 Trojan Bancos
SYSTEM32.EXE 06f7daaf2a05d2b696933dde39ef95c1 Trojan Agent
SYSTEM32.EXE 06f7daaf2a05d2b696933dde39ef95c1 Trojan Delf

SYSTEM32.EXE size: 950653 bytes
SYSTEM32.EXE hash: 06F7DAAF2A05D2B696933DDE39EF95C1

Created files:

%SysDir%\system32.exe
%AllUsersProfile%\start menu\programs\startup\system32.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\System32: %WinDir%\System32\System32.exe

Detected by UnHackMe:

SYSTEM32.EXE
Default location: %SYSDIR%\SYSTEM32.EXE

Dropper information:
MD5: 06f7daaf2a05d2b696933dde39ef95c1
File size: 950653 bytes

Leave a Reply