USERLOG.EXE – Trojan Urelas


USERLOG.EXE – Trojan Urelas removal

File         MD5                               Virus Alias
USERLOG.EXE  13ceb0acbafabfb0b015cd6262b37b54  Trojan Urelas
USERLOG.EXE  13ceb0acbafabfb0b015cd6262b37b54  Trojan Artemis
USERLOG.EXE  13ceb0acbafabfb0b015cd6262b37b54  Trojan Generic
USERLOG.EXE  13ceb0acbafabfb0b015cd6262b37b54  Trojan Diple
USERLOG.EXE  13ceb0acbafabfb0b015cd6262b37b54  Trojan Agent
USERLOG.EXE  13ceb0acbafabfb0b015cd6262b37b54  Trojan Delf

USERLOG.EXE size: 1662976 bytes
USERLOG.EXE hash: 13CEB0ACBAFABFB0B015CD6262B37B54

Created files:

%SysDir%\drivers\giu.sys
%TEMP%\tmpHKY5\userlog.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\run\ZDYX: %TEMP%\tmpHKY5\userlog.exe
HKLM\System\CurrentControlSet\Services\My_DriverLinkName_test\Type: 01000000
HKLM\System\CurrentControlSet\Services\My_DriverLinkName_test\Start: 03000000
HKLM\System\CurrentControlSet\Services\My_DriverLinkName_test\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\My_DriverLinkName_test\DisplayName: My_DriverLinkName_test
HKLM\System\CurrentControlSet\Services\My_DriverLinkName_test\ImagePath: %WinDir%\System32\drivers\giu.sys

Detected by UnHackMe:

USERLOG.EXE
Default location: %TEMP%\TMPHKY5\USERLOG.EXE

Dropper information:
MD5: 13ceb0acbafabfb0b015cd6262b37b54
File size: 1662976 bytes
