Tencenthw.exe – Trojan Downloader.Generic removal
File | Virus Alias |
---|---|
Tencenthw.exe | Trojan Downloader.Generic |
Tencenthw.exe | Worm AMN |
Tencenthw.exe | Trojan CI |
Tencenthw.exe | Trojan Agent |
Tencenthw.exe | Trojan Small |
Tencenthw.exe | Trojan Banker |
Created files:
%SysDir%\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1HVEIEYW\tplink27[1].exe – Trojan Downloader.Generic
%SysDir%\e0x2.dll – Trojan Downloader.Generic
%SysDir%\gamehw.exe – Trojan Downloader.Generic
%SysDir%\gametohw.exe – Trojan Downloader.Generic
%SysDir%\Tencenthw.exe – Trojan Downloader.Generic
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\54rk
Detected by UnHackMe:
Tencenthw.exe
Default location: %SysDir%\Tencenthw.exe
Dropper information:
SHA256: 87e094c74f5346cc13cbd0498ee1262f4d469dcc13ee2a4df7302937ae174c41
SHA1: 8a48553bbdead774a1b8196d369b2d4c081c3b25
MD5: e9af0d32cc363335f0f2e70c68e55678
File size: 82944 bytes