QQCRT.DLL – Trojan Magania

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

QQCRT.DLL – Trojan Magania removal

FileMD5Virus Alias
QQCRT.DLL d2f825d24153a2abda54dfd24189ae5e Trojan Magania
QQCRT.DLL d2f825d24153a2abda54dfd24189ae5e Trojan Eldorado
QQCRT.DLL d2f825d24153a2abda54dfd24189ae5e Trojan OnLineGames
QQCRT.DLL d2f825d24153a2abda54dfd24189ae5e Backdoor Zegost
QQCRT.DLL d2f825d24153a2abda54dfd24189ae5e Backdoor Farfli

QQCRT.DLL size: 22143614 bytes
QQCRT.DLL hash: D2F825D24153A2ABDA54DFD24189AE5E

Created files:

C:\Documents and Settings\QQCRT.DLL
%Program Files%\Garss.exe
C:\Server.exe
%SysDir%\superec.io.sys
C:\??????.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\BITS\Start: 02000000
HKLM\System\CurrentControlSet\Services\BITS\Parameters\ServiceDll: 43003A005C0044006F00630075006D0065006E0074007300200061006E0064002000530065007400740069006E00670073005C00510051004300520054002E0044004C004C000000
HKLM\System\CurrentControlSet\Services\TianSinl\Type: 01000000
HKLM\System\CurrentControlSet\Services\TianSinl\Start: 03000000
HKLM\System\CurrentControlSet\Services\TianSinl\DisplayName: TianSinl
HKLM\System\CurrentControlSet\Services\TianSinl\ImagePath: %WinDir%\System32\superec.io.sys

Detected by UnHackMe:

QQCRT.DLL
Default location: C:\DOCUMENTS AND SETTINGS\QQCRT.DLL

Dropper information:
MD5: 9bb0f2141782485ee8cac6da05128feb
File size: 374028 bytes

Leave a Reply