WINLOAD.EXE – Backdoor Poison

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

WINLOAD.EXE – Backdoor Poison removal

FileMD5Virus Alias
WINLOAD.EXE c830727f01850c14c72309ac2b105350 Backdoor Poison
WINLOAD.EXE c830727f01850c14c72309ac2b105350 Trojan Xema
WINLOAD.EXE c830727f01850c14c72309ac2b105350 Trojan Eldorado
WINLOAD.EXE c830727f01850c14c72309ac2b105350 Trojan Downloader
WINLOAD.EXE c830727f01850c14c72309ac2b105350 Trojan DNAScan
WINLOAD.EXE c830727f01850c14c72309ac2b105350 Trojan Delf

WINLOAD.EXE size: 47613 bytes
WINLOAD.EXE hash: C830727F01850C14C72309AC2B105350

Created files:

%WinDir%\winhost.exe
%WinDir%\winload.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\run\System: 43003A005C00570049004E0044004F00570053005C00770069006E006C006F00610064002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\run\System1: 43003A005C00570049004E0044004F00570053005C00770069006E0068006F00730074002E006500780065000000

Detected by UnHackMe:

WINLOAD.EXE
Default location: %WinDir%\WINLOAD.EXE

Dropper information:
MD5: 59f93be81eb6d24271f37ecb659edbe0
File size: 97285 bytes

Leave a Reply