RPGUNIST.EXE – Adware KorAd

Adware No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

RPGUNIST.EXE – Adware KorAd removal

FileMD5Virus Alias
RPGUNIST.EXE 60bba0e5988f67e74dcad53d0b72f92e Adware KorAd

RPGUNIST.EXE size: 208320 bytes
RPGUNIST.EXE hash: 60BBA0E5988F67E74DCAD53D0B72F92E

Created files:

%AppData%\RapidGet\RapidGet.exe
%AppData%\RapidGet\RapidGet.tlb
%AppData%\RapidGet\RPDMgr.dll
%AppData%\RapidGet\rpgchk.exe
%AppData%\RapidGet\RPGManager.exe
%AppData%\RapidGet\RPGSvcMan.exe
%AppData%\RapidGet\RPGUnist.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\RapidGet: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\RPGManager.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\rpga: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\rpgchk.exe
HKLM\System\CurrentControlSet\Services\RPGSvcman\Type: 10010000
HKLM\System\CurrentControlSet\Services\RPGSvcman\Start: 02000000
HKLM\System\CurrentControlSet\Services\RPGSvcman\DisplayName: RPGSvcman
HKLM\System\CurrentControlSet\Services\RPGSvcman\ImagePath: %WinDir%\System32\config\Systemprofile\Application Data\RapidGet\RPGSvcMan.exe

Detected by UnHackMe:

RPGUNIST.EXE
Default location: %APPDATA%\RAPIDGET\RPGUNIST.EXE

Dropper information:
MD5: f3ad1c7051372b722abc913a9a5b7959
File size: 882936 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images