RPGSVCMAN.EXE – Adware KorAd

Adware No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

RPGSVCMAN.EXE – Adware KorAd removal

FileMD5Virus Alias
RPGSVCMAN.EXE 3743daaa9230f6c2f0fea3730b56176f Adware KorAd

RPGSVCMAN.EXE size: 78272 bytes
RPGSVCMAN.EXE hash: 3743DAAA9230F6C2F0FEA3730B56176F

Created files:

%AppData%\RapidGet\RapidGet.exe
%AppData%\RapidGet\RapidGet.tlb
%AppData%\RapidGet\RPDMgr.dll
%AppData%\RapidGet\rpgchk.exe
%AppData%\RapidGet\RPGManager.exe
%AppData%\RapidGet\RPGSvcMan.exe
%AppData%\RapidGet\RPGUnist.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\RapidGet: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\RPGManager.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\rpga: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\rpgchk.exe
HKLM\System\CurrentControlSet\Services\RPGSvcman\Type: 10010000
HKLM\System\CurrentControlSet\Services\RPGSvcman\Start: 02000000
HKLM\System\CurrentControlSet\Services\RPGSvcman\DisplayName: RPGSvcman
HKLM\System\CurrentControlSet\Services\RPGSvcman\ImagePath: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\RPGSvcMan.exe

Detected by UnHackMe:

RPGSVCMAN.EXE
Default location: %APPDATA%\RAPIDGET\RPGSVCMAN.EXE

Dropper information:
MD5: f3ad1c7051372b722abc913a9a5b7959
File size: 882936 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images