TEMP4.EXE – Trojan OnLineGames

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

TEMP4.EXE – Trojan OnLineGames removal

File MD5 Virus Alias
TEMP4.EXE 4e1138933ffc44b130e9685cc86c3117 Trojan OnLineGames
TEMP4.EXE 4e1138933ffc44b130e9685cc86c3117 Trojan SuspiciousFile
TEMP4.EXE 4e1138933ffc44b130e9685cc86c3117 Trojan Artemis
TEMP4.EXE 4e1138933ffc44b130e9685cc86c3117 Trojan Eldorado
TEMP4.EXE 4e1138933ffc44b130e9685cc86c3117 Virus Part
TEMP4.EXE 4e1138933ffc44b130e9685cc86c3117 Trojan Agent

TEMP4.EXE size: 270336 bytes
TEMP4.EXE hash: 4E1138933FFC44B130E9685CC86C3117

Created files:

C:\2777100.dll
C:\windows\system32\dllcache\ws2help.dll
C:\windows\system32\drivers\420a0a1f.sys
C:\windows\system32\drivers\xpV3001.sys
C:\windows\system32\ws2helpXP.dll
C:\windows\system32\wshtcpip.dll
C:\windows\Tasks\TespayServer.exe
C:\windows\temp\svohcst.exe
C:\windows\temp\temp1.exe
C:\windows\temp\temp2.exe
C:\windows\temp\temp3.exe
C:\windows\temp\temp4.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Download: C:\windows\temp\svohcst.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\Tasks\TespayServer.exe|X- |2?`?Detected by UnHackMe:

TEMP4.EXE
Default location: %TEMP%\TEMP4.EXE

Dropper information:
MD5: ca33e1826f8d03ed2c11fba563ca3bbb
File size: 4207 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images