PLUGIN.EXE – Trojan Delf

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

PLUGIN.EXE – Trojan Delf removal

FileMD5Virus Alias
PLUGIN.EXE 0a89b32b324959f3598d9a8ceb0df62c Trojan Delf
PLUGIN.EXE 0a89b32b324959f3598d9a8ceb0df62c Trojan Generic
PLUGIN.EXE 0a89b32b324959f3598d9a8ceb0df62c Trojan Hllw
PLUGIN.EXE 0a89b32b324959f3598d9a8ceb0df62c Trojan Eldorado
PLUGIN.EXE 0a89b32b324959f3598d9a8ceb0df62c Worm Palevo
PLUGIN.EXE 0a89b32b324959f3598d9a8ceb0df62c Worm Autorun

PLUGIN.EXE size: 297472 bytes
PLUGIN.EXE hash: 0A89B32B324959F3598D9A8CEB0DF62C

Created files:

%SysDir%\Windows\plugin.exe

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{08B0E5JF-4FCB-11CF-AAA5-00401C6XX500}\StubPath: %WinDir%\System32\Windows\plugin.exe Restart
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\HKLM: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00570069006E0064006F00770073005C0070006C007500670069006E002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\HKCU: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00570069006E0064006F00770073005C0070006C007500670069006E002E006500780065000000

Detected by UnHackMe:

PLUGIN.EXE
Default location: %SYSDIR%\WINDOWS\PLUGIN.EXE

Dropper information:
MD5: 0a89b32b324959f3598d9a8ceb0df62c
File size: 297472 bytes

Leave a Reply