Solved! Use 2.3.EXE (Trojan Buzus) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

2.3.EXE – Trojan Buzus removal

FileMD5Virus Alias
2.3.EXE c067c5d7327a5be0920813ebc1594870 Trojan Buzus
2.3.EXE c067c5d7327a5be0920813ebc1594870 Trojan SuspiciousFile
2.3.EXE c067c5d7327a5be0920813ebc1594870 Trojan Generic
2.3.EXE c067c5d7327a5be0920813ebc1594870 Trojan Xema
2.3.EXE c067c5d7327a5be0920813ebc1594870 Trojan Eldorado
2.3.EXE c067c5d7327a5be0920813ebc1594870 Trojan Downloader

2.3.EXE size: 194342 bytes
2.3.EXE hash: C067C5D7327A5BE0920813EBC1594870

Created files:

C:\windows\1YCERLBZA9.dll
C:\windows\2.3.exe
C:\windows\Config\csrss.exe
C:\windows\system32\MSWINSCK.OCX
%Temp%\NZ3 No-ip.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe %WinDir%\Config\csrss.exe

Detected by UnHackMe:

2.3.EXE
Default location: %WinDir%\2.3.EXE

Dropper information:
MD5: 2d9cbfeaa7a51c040ab34327dd442ba1
File size: 453082 bytes

Leave a Reply