RPGMANAGER.EXE – Adware KorAd

Adware No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

RPGMANAGER.EXE – Adware KorAd removal

FileMD5Virus Alias
RPGMANAGER.EXE 1cf9e1e4863ae12874bf933e5c6418b0 Adware KorAd

RPGMANAGER.EXE size: 284096 bytes
RPGMANAGER.EXE hash: 1CF9E1E4863AE12874BF933E5C6418B0

Created files:

%AppData%\RapidGet\RapidGet.exe
%AppData%\RapidGet\RapidGet.tlb
%AppData%\RapidGet\RPDMgr.dll
%AppData%\RapidGet\rpgchk.exe
%AppData%\RapidGet\RPGManager.exe
%AppData%\RapidGet\RPGSvcMan.exe
%AppData%\RapidGet\RPGUnist.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\RapidGet: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\RPGManager.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\rpga: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\rpgchk.exe
HKLM\System\CurrentControlSet\Services\RPGSvcman\Type: 10010000
HKLM\System\CurrentControlSet\Services\RPGSvcman\Start: 02000000
HKLM\System\CurrentControlSet\Services\RPGSvcman\DisplayName: RPGSvcman
HKLM\System\CurrentControlSet\Services\RPGSvcman\ImagePath: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\RPGSvcMan.exe

Detected by UnHackMe:

RPGMANAGER.EXE
Default location: %APPDATA%\RAPIDGET\RPGMANAGER.EXE

Dropper information:
MD5: f3ad1c7051372b722abc913a9a5b7959
File size: 882936 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images