I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
TXPLATFORM.EXE – Backdoor Hupigon removal
| File | MD5 | Virus Alias |
|---|---|---|
| TXPLATFORM.EXE | 048016fd72217ac2e670355f364375c0 | Backdoor Hupigon |
| TXPLATFORM.EXE | 048016fd72217ac2e670355f364375c0 | Trojan Artemis |
| TXPLATFORM.EXE | 048016fd72217ac2e670355f364375c0 | Trojan Eldorado |
| TXPLATFORM.EXE | 048016fd72217ac2e670355f364375c0 | Trojan Downloader |
| TXPLATFORM.EXE | 048016fd72217ac2e670355f364375c0 | Trojan QQPass |
| TXPLATFORM.EXE | 048016fd72217ac2e670355f364375c0 | Worm Autorun |
TXPLATFORM.EXE size: 76295 bytes
TXPLATFORM.EXE hash: 048016FD72217AC2E670355F364375C0
Created files:
C:\QQ.sys
%SysDir%\drivers\TXPlatform.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\RESSDT\Type: 01000000
HKLM\System\CurrentControlSet\Services\RESSDT\Start: 03000000
HKLM\System\CurrentControlSet\Services\RESSDT\DisplayName: RESSDT
HKLM\System\CurrentControlSet\Services\RESSDT\ImagePath: c:\QQ.sys
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Explorer: %WinDir%\System32\drivers\TXPlatform.exe
Detected by UnHackMe:
TXPLATFORM.EXE
Default location: %SYSDIR%\DRIVERS\TXPLATFORM.EXE
Dropper information:
MD5: 048016fd72217ac2e670355f364375c0
File size: 76295 bytes