Trojan Banload
Also known as: Trojan Downloader.Generic, Trojan Generic
SHA256: f114ab217303b3d1c12691399b5aed8cea2f3e0ba41a90a5e09e09c40455c86a
SHA1: 16c47f8d49d60e5ed3bc089058d25bf0c0665ba6
MD5: 9fb89d40bc650dd0ecd2607d9fa944b6
File size: 182784 bytes
Created files:
%Personal%\fefcadef\cript.dll – Trojan Banload
%Personal%\fefcadef\ctqmon.exe – Trojan Banload
%Personal%\fefcadef\dsua.exe – Trojan Banload
%Personal%\fefcadef\Firewall_Windows.exe – Trojan Banload
%Personal%\fefcadef\madCHook.dll – Trojan Banload
%Personal%\fefcadef\mmr.exe – Trojan Banload
%Personal%\fefcadef\mpntz.exe – Trojan Banload
%Personal%\fefcadef\pvchost.exe – Trojan Banload
%Personal%\fefcadef\svhost.exe – Trojan Banload
%Personal%\fefcadef\winupdate.exe – Trojan Banload
Trojan Banload created autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\ctqmon.exe: %Personal%\fefcadef\ctqmon.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\svhost.exe: %Personal%\fefcadef\svhost.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\pvchost.exe: %Personal%\fefcadef\pvchost.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\winupdate.exe: %Personal%\fefcadef\winupdate.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\dsbua.exe: %Personal%\fefcadef\dsbua.exe
user\S-1-5-21-15044950-4219544130-4274662314-1000\Software\Classes\Applications\inicio.exe\TaskbarGroupIcon: 43003A005C004100720071007500690076006F0073002000640065002000700072006F006700720061006D0073005C004100560047005C00410056004700310030005C00610076006700750069007200650073002E0064006C006C002C002D003100320038000000
user\S-1-5-21-15044950-4219544130-4274662314-1000\Software\Classes\Applications\Nicrosoft.exe\TaskbarGroupIcon: 43003A005C004100720071007500690076006F0073002000640065002000700072006F006700720061006D0073005C004100560047005C00410056004700310030005C00610076006700750069007200650073002E0064006C006C002C002D003100320038000000
user\S-1-5-21-15044950-4219544130-4274662314-1000\Software\Classes\Applications\regss.exe\TaskbarGroupIcon: 43003A005C004100720071007500690076006F0073002000640065002000700072006F006700720061006D0073005C004100560047005C00410056004700310030005C00610076006700750069007200650073002E0064006C006C002C002D003100320038000000