I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
Backdoor Zegost
Also known as: Trojan Refroso
SHA256: ab4063a4e9a7c3059b37c9d9a70b3d6f9903dc09ac08e275771f33e98b26d4d3
SHA1: 472915c879ec4bc06a93db009b0bfcce81fda856
MD5: 30f81eb91de67dfc710b56ee7590be47
File size: 672308 bytes
Created files:
%SysDir%\kernel\kernel32.exe – Backdoor Zegost
Backdoor Zegost created autostart registry keys:
HKLM\Software\Microsoft\Active Setup\Installed Components\{5B86UL47-NG86-C4XI-TQFP-K0L2WP35R17S}\StubPath: %WinDir%\System32\kernel\kernel32.exe Restart
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C006B00650072006E0065006C005C006B00650072006E0065006C00330032002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\HKLM: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C006B00650072006E0065006C005C006B00650072006E0065006C00330032002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C006B00650072006E0065006C005C006B00650072006E0065006C00330032002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\HKCU: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C006B00650072006E0065006C005C006B00650072006E0065006C00330032002E006500780065000000