SMSS.EXE – Worm Vobfus

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SMSS.EXE – Worm Vobfus removal

FileMD5Virus Alias
SMSS.EXE 089cddbc01f68b429da8cc822f541e20 Worm Vobfus
SMSS.EXE 089cddbc01f68b429da8cc822f541e20 Trojan SuspiciousFile
SMSS.EXE 089cddbc01f68b429da8cc822f541e20 Trojan Hllw
SMSS.EXE 089cddbc01f68b429da8cc822f541e20 Trojan Krap
SMSS.EXE 089cddbc01f68b429da8cc822f541e20 Trojan Agent

SMSS.EXE size: 46592 bytes
SMSS.EXE hash: 089CDDBC01F68B429DA8CC822F541E20

Created files:

C:\Recycled\CTFMON.EXE
C:\Recycled\SMSS.EXE
C:\Recycled\SPOOLSV.EXE
C:\Recycled\SVCHOST.EXE

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: C:\recycled\SVCHOST.exe,
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe “C:\recycled\SVCHOST.exe”

Detected by UnHackMe:

SMSS.EXE
Default location: C:\RECYCLED\SMSS.EXE

Dropper information:
MD5: 0c3bae80b41f8a3445a54106629db999
File size: 46592 bytes

Leave a Reply