JVK4A.EXE – Suspicious File

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

JVK4A.EXE – Suspicious File removal

FileMD5Virus Alias
JVK4A.EXE 930b95303532d0f4f75fa5477c037590 Suspicious File
JVK4A.EXE 930b95303532d0f4f75fa5477c037590 Trojan Hllw

JVK4A.EXE size: 108544 bytes
JVK4A.EXE hash: 930B95303532D0F4F75FA5477C037590

Created files:

%Program Files%\Hrx49.exe
%Program Files%\MSN Gaming Zone\Windows\bckgzm.exe
%Program Files%\MSN Gaming Zone\Windows\chkrzm.exe
%Program Files%\NetMeeting\conf.rsk
%Program Files%\Windows NT\dialer.tnx
%SysDir%\Winktr.exe
%TEMP%\Jj48.exe
%TEMP%\Jvk4A.exe
%TEMP%\Rm4D.exe
%TEMP%\Ufm4B.exe
%TEMP%\Xeb4C.exe
\\VBOXSVR\in\Lbrk.exe
%Common AppData%\Microsoft\Dr Watson\user.dmp

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\D26554s\Type: 10010000
HKLM\System\CurrentControlSet\Services\D26554s\Start: 03000000
HKLM\System\CurrentControlSet\Services\D26554s\DisplayName: D26554s
HKLM\System\CurrentControlSet\Services\D26554s\ImagePath: \\VBOXSVR\in\Lbrk.exe
HKLM\System\CurrentControlSet\Services\Winktr\Type: 10010000
HKLM\System\CurrentControlSet\Services\Winktr\Start: 02000000
HKLM\System\CurrentControlSet\Services\Winktr\DisplayName: Winktr
HKLM\System\CurrentControlSet\Services\Winktr\ImagePath: %WinDir%\System32\Winktr.exe

Detected by UnHackMe:

JVK4A.EXE
Default location: %TEMP%\JVK4A.EXE

Dropper information:
MD5: 0a95f9d91849936d551546b9c660bc2e
File size: 122880 bytes

Leave a Reply