REGSVR.EXE – Worm Autoit

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

REGSVR.EXE – Worm Autoit removal

File MD5 Virus Alias
REGSVR.EXE 72210f7c7da80a03c609afdecd6e881b Worm Autoit
REGSVR.EXE 72210f7c7da80a03c609afdecd6e881b Trojan MulDrop4
REGSVR.EXE 72210f7c7da80a03c609afdecd6e881b Trojan Downloader
REGSVR.EXE 72210f7c7da80a03c609afdecd6e881b Trojan Krap
REGSVR.EXE 72210f7c7da80a03c609afdecd6e881b Worm Autorun
REGSVR.EXE 72210f7c7da80a03c609afdecd6e881b KeyLogger Ardamax

REGSVR.EXE size: 2039808 bytes
REGSVR.EXE hash: 72210F7C7DA80A03C609AFDECD6E881B

Created files:

%WinDir%\regsvr.exe
%SysDir%\regsvr.exe
%SysDir%\svchost .exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe regsvr.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Msn Messsenger: %WinDir%\System32\regsvr.exe

Detected by UnHackMe:

REGSVR.EXE
Default location: %WinDir%\REGSVR.EXE

Dropper information:
MD5: 72210f7c7da80a03c609afdecd6e881b
File size: 2039808 bytes

Leave a Reply