APPLETS.EXE – Trojan Comame


APPLETS.EXE – Trojan Comame removal

File         MD5                               Virus Alias
APPLETS.EXE  ad094ccfde7dba626a4945e6f5b2cd49  Trojan Comame
APPLETS.EXE  ad094ccfde7dba626a4945e6f5b2cd49  Trojan Generic
APPLETS.EXE  ad094ccfde7dba626a4945e6f5b2cd49  Trojan Xema
APPLETS.EXE  ad094ccfde7dba626a4945e6f5b2cd49  Trojan PAM
APPLETS.EXE  ad094ccfde7dba626a4945e6f5b2cd49  Trojan Agent
APPLETS.EXE  ad094ccfde7dba626a4945e6f5b2cd49  Trojan Crypt

APPLETS.EXE size: 226922 bytes
APPLETS.EXE hash: AD094CCFDE7DBA626A4945E6F5B2CD49

Created files:

C:\Windows\Help\intret.cnt
C:\Windows\Syssrc32.exe
C:\Windows\System\applets.exe
C:\Windows\System\Explorer.exe
C:\Windows\System\fndfst32.exe
C:\Windows\System\mplayerw.exe
C:\Windows\System\Sysexp32.exe
%Temp%\163841.dmp

Autostart registry keys:

HKLM\Software\Classes\txtfile\shell\open\command\Explore: %SystemRoot%\System32\NOTEPAD.EXE %1
HKLM\Software\Classes\txtfile\shell\open\command : C:\Windows\System\Sysexp32.exe %1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\System applets: C:\Windows\System\applets.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Syssrc32: C:\Windows\Syssrc32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\fndfst32: C:\Windows\System\fndfst32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Explorer Shell: C:\Windows\System\Explorer.exe

Detected by UnHackMe:

APPLETS.EXE
Default location: %WinDir%\SYSTEM\APPLETS.EXE

Dropper information:
MD5: 0e19a441f357250d6ba5fea5fba35984
File size: 223846 bytes
