SPOOLSV.EXE – Trojan Agent

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SPOOLSV.EXE – Trojan Agent removal

FileMD5Virus Alias
SPOOLSV.EXE fd10f581f1ef226e9a1ad2dd15af8f74 Trojan Agent
SPOOLSV.EXE fd10f581f1ef226e9a1ad2dd15af8f74 Trojan SuspiciousFile
SPOOLSV.EXE fd10f581f1ef226e9a1ad2dd15af8f74 Trojan Small

SPOOLSV.EXE size: 391691 bytes
SPOOLSV.EXE hash: FD10F581F1EF226E9A1AD2DD15AF8F74

Created files:

%WinDir%\spoolsv.exe
%SysDir%\concp32.exe
%SysDir%\explorer.exe
%SysDir%\msibp32.exe
%SysDir%\vcl32.exe

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{E4883584-8B9A-11D5-EBA1-F78EEEEEE983}\StubPath: msibp32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VCL: vcl32.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\VCL: vcl32.exe

Detected by UnHackMe:

SPOOLSV.EXE
Default location: %WinDir%\SPOOLSV.EXE

Dropper information:
MD5: 0b474d8f17bf4c852592de06d38d4309
File size: 390287 bytes

Leave a Reply