Solved! Use WINSYS32.EXE (Backdoor IRCBot) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

WINSYS32.EXE – Backdoor IRCBot removal

FileMD5Virus Alias
WINSYS32.EXE d474f511677d3da3c07593904b7b3bfd Backdoor IRCBot
WINSYS32.EXE d474f511677d3da3c07593904b7b3bfd Trojan Eldorado
WINSYS32.EXE d474f511677d3da3c07593904b7b3bfd Trojan Bdld

WINSYS32.EXE size: 35360 bytes
WINSYS32.EXE hash: D474F511677D3DA3C07593904B7B3BFD

Created files:

%SysDir%\winsys32.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\winsys32run: winsys32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\winsys32run: winsys32.exe

Detected by UnHackMe:

WINSYS32.EXE
Default location: %SYSDIR%\WINSYS32.EXE

Dropper information:
MD5: d474f511677d3da3c07593904b7b3bfd
File size: 35360 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images