Trojan Generic – ps.exe – e865854fc24cabe7d20578b8d5c8f39b


Trojan Generic
Also known as: Trojan Crypt, Trojan Kryptik
SHA256: 068e9fd514926cefc90f1b86984268334f82e9ee0c044cbb16c32f0846ac7e4f
SHA1: eaffbc01b32c09d964bf5691f5f0ec60c160b3da
MD5: e865854fc24cabe7d20578b8d5c8f39b
File size: 110592 bytes

Created files:

%AppData%\Adobe\ps.exe – Trojan Generic
%AppData%\MicroUpdat\mupdat.exe – Trojan Generic

Trojan Generic created autostart registry keys (the sandbox logged the string values as UTF-16LE hex with a trailing NUL terminator; they are shown decoded below, where USER is the sandbox account name and "C:\Documents and Settings\USER\Application Data" is the Windows XP/2003 form of %AppData%):

HKLM\Software\Microsoft\Active Setup\Installed Components\{7DX0XI15-X2E8-7C7V-I782-8N442S6LL432}\StubPath: C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe restart
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Schost: C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\Schost: C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load: C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: explorer.exe C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Schost: C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Java Runtime: %AppData%\Adobe\ps.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\HKCU3: C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\Schost: C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load: C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: explorer.exe C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe
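The registry values in this report were logged as UTF-16LE hex, which is unreadable as-is and hides the fact that the Winlogon\Shell value chains explorer.exe in front of the payload. The script below is an added example, not part of the original report: it decodes values of that form, extracts the image each autostart entry actually launches, and flags entries that point at one of the files the report says were dropped. The sample entries are copied from this page's listing (three distinct raw values are reproduced verbatim); the entry list, the DROPPED set and the function names are constructed for the example.

```python
"""Decode and triage the autostart entries logged for ps.exe / mupdat.exe.

Added example, not part of the original report. The sandbox dumped the
registry string values as UTF-16LE hex, so the first step is to turn them
back into command lines. USER is the sandbox account, not a victim path.
"""
import ntpath
import re
from typing import Optional

# UTF-16LE hex of "C:\Documents and Settings\USER\Application Data\MicroUpdat\mupdat.exe"
# without the terminator, copied from the listing above and split for readability.
_PATH_HEX = (
    "43003A005C0044006F00630075006D0065006E00"
    "74007300200061006E0064002000530065007400"
    "740069006E00670073005C005500530045005200"
    "5C004100700070006C0069006300610074006900"
    "6F006E00200044006100740061005C004D006900"
    "630072006F00550070006400610074005C006D00"
    "750070006400610074002E00650078006500"
)
RAW_RESTART = _PATH_HEX + "200072006500730074006100720074000000"  # "... restart" + NUL
RAW_PLAIN = _PATH_HEX + "0000"                                     # path + NUL
RAW_SHELL = "6500780070006C006F007200650072002E006500780065002000" + RAW_PLAIN  # "explorer.exe " + path

# Constructed from the page's listing: (registry value path, raw value as logged).
SAMPLE_AUTOSTART = [
    (r"HKLM\Software\Microsoft\Active Setup\Installed Components\{7DX0XI15-X2E8-7C7V-I782-8N442S6LL432}\StubPath", RAW_RESTART),
    (r"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\Schost", RAW_PLAIN),
    (r"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load", RAW_PLAIN),
    (r"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell", RAW_SHELL),
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Java Runtime", r"%AppData%\Adobe\ps.exe"),
]

# Basenames of the files the report says the sample dropped.
DROPPED = {"ps.exe", "mupdat.exe"}

_HEX_RE = re.compile(r"^(?:[0-9A-Fa-f]{4})+$")
# A Windows image path rooted at a drive letter or %VAR%, up to the first ".exe".
_IMAGE_RE = re.compile(r"(?i)(?:[a-z]:|%\w+%)\\.*?\.exe")


def decode_reg_value(raw: str) -> str:
    """Return the readable form of a value the log stored as UTF-16LE hex.

    Plain strings such as "%AppData%\\Adobe\\ps.exe" pass through unchanged.
    Trailing NULs are the REG_SZ terminator and are stripped.
    """
    if not _HEX_RE.match(raw):
        return raw
    text = bytes.fromhex(raw).decode("utf-16-le").rstrip("\x00")
    # Guard against an all-hex plain value being mis-decoded into junk.
    return text if text.isprintable() else raw


def launched_image(command: str) -> Optional[str]:
    """Path of the binary a persistence command line actually starts.

    Covers the two shapes on this page: a path with optional arguments
    ("...\\mupdat.exe restart") and Winlogon\\Shell's chained form
    ("explorer.exe C:\\...\\mupdat.exe"), which keeps the desktop working
    while also launching the trojan at logon.
    """
    m = _IMAGE_RE.search(command)
    return m.group(0) if m else None


def triage(entries, dropped=DROPPED):
    """Decode each entry and flag those that start a dropped file."""
    rows = []
    for key, raw in entries:
        command = decode_reg_value(raw)
        image = launched_image(command)
        rows.append({
            "key": key,
            "command": command,
            "image": image,
            "starts_dropped_file": bool(image) and ntpath.basename(image).lower() in dropped,
        })
    return rows


if __name__ == "__main__":
    for row in triage(SAMPLE_AUTOSTART):
        flag = "DROPPED" if row["starts_dropped_file"] else "       "
        print(f"{flag} {row['key']}\n        -> {row['command']}")
```

On a live host the same decode step applies to any collector that exports REG_SZ data as hex; the image-extraction regex is intentionally narrow (drive letter or environment-variable root, first ".exe"), so an entry that launches a DLL via rundll32 or a script host returns None and should be reviewed by hand rather than silently passed.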
