Solved! VSTAROGE.EXE (Trojan, Suspicious File) Removal Guide

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal.


VSTAROGE.EXE – Trojan, Suspicious File removal

File          MD5                               Virus Alias
VSTAROGE.EXE  cf53b5d71abe101213d890f52e97ebf0  Trojan, Suspicious File
VSTAROGE.EXE  cf53b5d71abe101213d890f52e97ebf0  Trojan DLOADER
VSTAROGE.EXE  cf53b5d71abe101213d890f52e97ebf0  Trojan PAK_Generic
VSTAROGE.EXE  cf53b5d71abe101213d890f52e97ebf0  Trojan Generic
VSTAROGE.EXE  cf53b5d71abe101213d890f52e97ebf0  Trojan DNAScan

VSTAROGE.EXE size: 69632 bytes
VSTAROGE.EXE hash: CF53B5D71ABE101213D890F52E97EBF0

Created files:

%SysDir%\dllcache\rasapi32.dll.gaga
%SysDir%\e0x2.dll
%SysDir%\e4882184.e48
%SysDir%\edclient.exe
%SysDir%\rasapi32.dll.bak
%SysDir%\rasapi32.dll.bak1
%SysDir%\secposs.exe
%SysDir%\shedowfiter.exe
%SysDir%\vstaroge.exe
%SysDir%\wloadclient.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\54rk

Detected by UnHackMe:

VSTAROGE.EXE
Default location: %SYSDIR%\VSTAROGE.EXE

Dropper information:
MD5: 7e1e091cf0f39b90a56e1ba21aa1ae87
File size: 348160 bytes
