I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
WINCIRL.COM – Backdoor Maximus removal
| File | MD5 | Virus Alias |
|---|---|---|
| WINCIRL.COM | 514519e465f309f99bd455f7d0826485 | Backdoor Maximus |
| WINCIRL.COM | 514519e465f309f99bd455f7d0826485 | Trojan VBTrojan |
| WINCIRL.COM | 514519e465f309f99bd455f7d0826485 | Trojan Generic |
| WINCIRL.COM | 514519e465f309f99bd455f7d0826485 | Trojan Agent |
| WINCIRL.COM | 514519e465f309f99bd455f7d0826485 | Worm Pronny |
WINCIRL.COM size: 138771 bytes
WINCIRL.COM hash: 514519E465F309F99BD455F7D0826485
Created files:
C:\Documents and Settings\Default User\Start Menu\Programs\Startup\ .exe
%WinDir%\system\wincirl.com
%SysDir%\SVCH0ST.EXE
%Common Startmenu%\Programs\Startup\ .exe
%AppData%\Microsoft\Internet Explorer\Quick Launch\TEST.exe
%Favorites%\Links\www.test.com
%Startup%\ .exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: Explorer.exe %WinDir%/System32/SVCH0ST.EXE
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: %WinDir%/System/wincirl.com
Detected by UnHackMe:
WINCIRL.COM
Default location: %WinDir%\SYSTEM\WINCIRL.COM
Dropper information:
MD5: 514519e465f309f99bd455f7d0826485
File size: 138771 bytes