INSTALLWIN.EXE – Trojan Kazy

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

INSTALLWIN.EXE – Trojan Kazy removal

FileMD5Virus Alias
INSTALLWIN.EXE e329e830c49d5f5b55a0e65d1d0c7e5d Trojan Kazy
INSTALLWIN.EXE e329e830c49d5f5b55a0e65d1d0c7e5d Trojan Downloader
INSTALLWIN.EXE e329e830c49d5f5b55a0e65d1d0c7e5d Trojan CI

INSTALLWIN.EXE size: 36864 bytes
INSTALLWIN.EXE hash: E329E830C49D5F5B55A0E65D1D0C7E5D

Created files:

%Program Files%\Winsearchcp\installwin.exe
%Program Files%\Winsearchcp\Uninstall.exe
%Program Files%\Winsearchcp\winsearchcp.dll
%Program Files%\Winsearchcp\winsearchcpdl.exe
%SysDir%\INETKO.DLL
%SysDir%\winsearchcpinst.exe

Autostart registry keys:

HKLM\Software\Classes\CLSID\{0E205AC2-FB09-4C7D-91F4-054CB3B93AE7}\InprocServer32 : %Program Files%\Winsearchcp\winsearchcp.dll
HKLM\Software\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX

Detected by UnHackMe:

INSTALLWIN.EXE
Default location: %PROGRAM FILES%\WINSEARCHCP\INSTALLWIN.EXE

Dropper information:
MD5: 5bfe9651bdc3b2e0201049402dea9bb2
File size: 901120 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images