MSIEXEC.VIR – Virus Expiro

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

MSIEXEC.VIR – Virus Expiro removal

FileMD5Virus Alias
MSIEXEC.VIR e40d668bc86751a52b21e0328132d7b3 Virus Expiro
MSIEXEC.VIR e40d668bc86751a52b21e0328132d7b3 Trojan SuspiciousFile

MSIEXEC.VIR size: 226304 bytes
MSIEXEC.VIR hash: E40D668BC86751A52B21E0328132D7B3

Created files:

C:\windows\system32\cisvc.vir
C:\windows\system32\clipsrv.vir
C:\windows\system32\dllhost.exe
C:\windows\system32\dmadmin.vir
C:\windows\system32\imapi.vir
C:\windows\system32\mnmsrvc.vir
C:\windows\system32\msdtc.exe
C:\windows\system32\msiexec.vir
C:\windows\system32\svchost.vir

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\msiserver\Type: 20010000
HKLM\System\CurrentControlSet\Services\msiserver\Start: 02000000

Detected by UnHackMe:

MSIEXEC.VIR
Default location: %SYSDIR%\MSIEXEC.VIR

Dropper information:
MD5: 0dcf7d73cc8d0b27aae103509aa8cb56
File size: 1179648 bytes

Leave a Reply