Unclassified Malware – uninstall_.exe – bd6eefa73c77dad9c097b918f6cf8b73

Malware No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Unclassified Malware
SHA256: 07d2258250d7607d865edcd32472ef3d8f90a761f478e2c53f11857890e054b4
SHA1: 3d270f47637bd1392fe049745f64d92df3cb39d4
MD5: bd6eefa73c77dad9c097b918f6cf8b73
File size: 111103 bytes

Created files:

%WinDir%\Fonts\uninstall_.exe – Unclassified Malware

Unclassified Malware created autostart registry keys:

HKLM\System\CurrentControlSet\Services\Afd\Parameters\DisableRawSecurity: 01000000
HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters\SizReqBuf: 00400000
HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters\AutoShareServer: 01000000
HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters\AutoShareWks: 01000000
HKLM\System\CurrentControlSet\Services\NetBT\Parameters\TransportBindName: \Device\
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\MaxUserPort: FEFF0000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpTimedWaitDelay: 1E000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\StrictTimeWaitSeqCheck: 01000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Tcp1323Opts: 01000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\GlobalMaxTcpWindowSize: C0EB0300
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpWindowSize: C0EB0300
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\EnablePMTUDiscovery: 01000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\SackOpts: 01000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultTTL: 40000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDupAcks: 02000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\LargeBufferSize: 00800C00
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\AllowUserRawAccess: 01000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpNumConnections: FEFFFF00
HKLM\System\CurrentControlSet\Services\Windows Hosts Controller\Type: 10010000
HKLM\System\CurrentControlSet\Services\Windows Hosts Controller\Start: 02000000
HKLM\System\CurrentControlSet\Services\Windows Hosts Controller\DisplayName: Windows Hosts Controller
HKLM\System\CurrentControlSet\Services\Windows Hosts Controller\ImagePath: “%WinDir%\Fonts\uninstall_.exe”

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images