CMD.EXE – Suspicious File

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

CMD.EXE – Suspicious File removal

FileMD5Virus Alias
CMD.EXE 8f0550b663c5c8106e64bb01c0605315 Suspicious File
CMD.EXE 8f0550b663c5c8106e64bb01c0605315 Trojan Genome
CMD.EXE 8f0550b663c5c8106e64bb01c0605315 Trojan Eldorado
CMD.EXE 8f0550b663c5c8106e64bb01c0605315 Trojan Agent

CMD.EXE size: 30660 bytes
CMD.EXE hash: 8F0550B663C5C8106E64BB01C0605315

Created files:

%WinDir%\conime\iexplorer.exe
%WinDir%\conime\SSDT01.sys
%WinDir%\DownQvod.exe
%WinDir%\setup8.exe
%WinDir%\SHNIBDATE.EXE
%SysDir%\360Update\cmd.exe
%WinDir%\tianxing.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\S\Type: 01000000
HKLM\System\CurrentControlSet\Services\S\Start: 03000000
HKLM\System\CurrentControlSet\Services\S\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\S\DisplayName: S
HKLM\System\CurrentControlSet\Services\S\ImagePath: %WinDir%\conime\SSDT01.sys

Detected by UnHackMe:

CMD.EXE
Default location: %SYSDIR%\360UPDATE\CMD.EXE

Dropper information:
MD5: 88713add0d2bfef9376ea938a0545a9e
File size: 843332 bytes

Leave a Reply