Solved! Use REG2000_NT.EXE (Unclassified Malware) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

REG2000_NT.EXE – Unclassified Malware removal

REG2000_NT.EXE size: 24576 bytes
REG2000_NT.EXE hash: 28B54D85511155E4FC1F8FF9B06DC031

Created files:

C:\Gestione-HOTELPRO\CalendPM.ocx
C:\Gestione-HOTELPRO\comctl32.dll
C:\Gestione-HOTELPRO\COMCTL32.OCX
C:\Gestione-HOTELPRO\ETICHETTE\articoli\etichette.zdp
C:\Gestione-HOTELPRO\ETICHETTE\articoli\originale.dbf
C:\Gestione-HOTELPRO\ETICHETTE\articoli\prezzi.dbf
C:\Gestione-HOTELPRO\ETICHETTE\SOFTWARE ETICHETTE\AveryDesignPro_Italian\AveryDesignPro_Italian.exe
C:\Gestione-HOTELPRO\Gestione-Hotel.exe
C:\Gestione-HOTELPRO\installazione\DATA.TAG
C:\Gestione-HOTELPRO\installazione\data1.cab
C:\Gestione-HOTELPRO\installazione\data1.hdr
C:\Gestione-HOTELPRO\installazione\layout.bin
C:\Gestione-HOTELPRO\installazione\setup.ins
C:\Gestione-HOTELPRO\installazione\setup.lid
C:\Gestione-HOTELPRO\installazione\_INST32I.EX_
C:\Gestione-HOTELPRO\installazione\_ISDel.exe
C:\Gestione-HOTELPRO\installazione\_sys1.cab
C:\Gestione-HOTELPRO\installazione\_sys1.hdr
C:\Gestione-HOTELPRO\installazione\_user1.cab
C:\Gestione-HOTELPRO\installazione\_user1.hdr
C:\Gestione-HOTELPRO\PICCLP32.OCX
C:\Gestione-HOTELPRO\Utility\comctl32.dll
C:\Gestione-HOTELPRO\Utility\COMCTL32.OCX
C:\Gestione-HOTELPRO\Utility\OLD\Registra2000_nt.exe
C:\Gestione-HOTELPRO\Utility\OLD\Registra98.exe
C:\Gestione-HOTELPRO\Utility\OLD\RegistraXP.exe
C:\Gestione-HOTELPRO\Utility\PICCLP32.OCX
C:\Gestione-HOTELPRO\Utility\reg2000_nt.exe
C:\Gestione-HOTELPRO\Utility\reg98.exe
C:\Gestione-HOTELPRO\Utility\regsvr32.exe
C:\Gestione-HOTELPRO\Utility\regxp.exe
C:\Gestione-HOTELPRO\Utility\Win98\Jet40SP8_9x.exe
C:\Gestione-HOTELPRO\Utility\Win98\MDAC_Win98.exe
C:\Gestione-HOTELPRO\Utility\WinXP-FM20\FM20.dll.exe
%Temp%\_INS5566._MP
%Temp%\_ISTMP1.DIR\ZDataI51.dll
%Temp%\_ISTMP1.DIR\_INS5576._MP
%Temp%\_ISTMP1.DIR\_WUTL951.DLL

Detected by UnHackMe:

REG2000_NT.EXE
Default location: C:\GESTIONE-HOTELPRO\UTILITY\REG2000_NT.EXE

Dropper information:
MD5: d8ce9550954d8dec15b00f581fdd2354
File size: 33468723 bytes

Leave a Reply