PSTGDUMP.EXE – Suspicious File

PSTGDUMP.EXE – Suspicious File removal

| File | MD5 | Virus Alias |
|---|---|---|
| PSTGDUMP.EXE | 9dfb61c0601eb935872d9a0639c44110 | Suspicious File |
| PSTGDUMP.EXE | 9dfb61c0601eb935872d9a0639c44110 | Trojan Generic |
| PSTGDUMP.EXE | 9dfb61c0601eb935872d9a0639c44110 | Trojan Xema |
| PSTGDUMP.EXE | 9dfb61c0601eb935872d9a0639c44110 | Trojan Agent |

PSTGDUMP.EXE size: 57344 bytes
PSTGDUMP.EXE hash: 9DFB61C0601EB935872D9A0639C44110

Created files:

%TEMP%\cachedump.exe
%TEMP%\fgexec.exe
%TEMP%\lsaext.dll
%TEMP%\pstgdump.exe
%TEMP%\pwdump.exe
%TEMP%\pwservice.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\CacheDump\Type: 10000000
HKLM\System\CurrentControlSet\Services\CacheDump\Start: 03000000
HKLM\System\CurrentControlSet\Services\CacheDump\DisplayName: CacheDump
HKLM\System\CurrentControlSet\Services\CacheDump\ImagePath: %TEMP%\cachedump.exe -s

Detected by UnHackMe:

PSTGDUMP.EXE
Default location: %TEMP%\PSTGDUMP.EXE

Dropper information:
MD5: 1cb9e8511e2bf1d9cc789ffda1234fd0
File size: 901120 bytes
