EXPOR.EXE – Worm Autorun

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

EXPOR.EXE – Worm Autorun removal

File MD5 Virus Alias
EXPOR.EXE 4a8cc6f40bbb9dbb03bfd7943790086e Worm Autorun
EXPOR.EXE 4a8cc6f40bbb9dbb03bfd7943790086e Trojan Generic
EXPOR.EXE 4a8cc6f40bbb9dbb03bfd7943790086e Trojan Hllw
EXPOR.EXE 4a8cc6f40bbb9dbb03bfd7943790086e Trojan Downloader
EXPOR.EXE 4a8cc6f40bbb9dbb03bfd7943790086e Trojan Agent
EXPOR.EXE 4a8cc6f40bbb9dbb03bfd7943790086e Trojan Kryptik

EXPOR.EXE size: 26112 bytes
EXPOR.EXE hash: 4A8CC6F40BBB9DBB03BFD7943790086E

Created files:

%TEMP%\Expor.exe
%TEMP%\NtHid.sys

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\bits\Start: 02000000
HKLM\System\CurrentControlSet\Services\NtHid\Type: 01000000
HKLM\System\CurrentControlSet\Services\NtHid\Start: 03000000
HKLM\System\CurrentControlSet\Services\NtHid\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NtHid\DisplayName: NtHid
HKLM\System\CurrentControlSet\Services\NtHid\ImagePath: %TEMP%\NtHid.sys

Detected by UnHackMe:

EXPOR.EXE
Default location: %TEMP%\EXPOR.EXE

Dropper information:
MD5: 04651183956e3f6441dd769f8afdb171
File size: 2884058 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images