PTP3D.EXE – Suspicious File

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

PTP3D.EXE – Suspicious File removal

FileMD5Virus Alias
PTP3D.EXE cfc36fcd3670c260cf614f83e18f43b7 Suspicious File
PTP3D.EXE cfc36fcd3670c260cf614f83e18f43b7 Trojan Hllw
PTP3D.EXE cfc36fcd3670c260cf614f83e18f43b7 Trojan Agent

PTP3D.EXE size: 78716 bytes
PTP3D.EXE hash: CFC36FCD3670C260CF614F83E18F43B7

Created files:

%Program Files%\MSN Gaming Zone\Windows\bckgzm.exe
%Program Files%\MSN Gaming Zone\Windows\chkrzm.exe
%Program Files%\NetMeeting\conf.tuk
%Program Files%\Windows NT\dialer.xrm
%SysDir%\Winkdn.exe
%TEMP%\Cba3C.exe
%TEMP%\Fbs3E.exe
%TEMP%\Gqs3A.exe
%TEMP%\Ptp3D.exe
%TEMP%\Pvj3F.exe
%TEMP%\Ugf40.exe
%TEMP%\Ybj3B.exe
\\VBOXSVR\in\Qwjb.mpeg.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Winkdn\Type: 10010000
HKLM\System\CurrentControlSet\Services\Winkdn\Start: 02000000
HKLM\System\CurrentControlSet\Services\Winkdn\DisplayName: Winkdn
HKLM\System\CurrentControlSet\Services\Winkdn\ImagePath: %WinDir%\System32\Winkdn.exe
HKLM\System\CurrentControlSet\Services\ZB4dM5pkI\Type: 10010000
HKLM\System\CurrentControlSet\Services\ZB4dM5pkI\Start: 03000000
HKLM\System\CurrentControlSet\Services\ZB4dM5pkI\DisplayName: ZB4dM5pkI
HKLM\System\CurrentControlSet\Services\ZB4dM5pkI\ImagePath: \\VBOXSVR\in\Qwjb.mpeg.exe

Detected by UnHackMe:

PTP3D.EXE
Default location: %TEMP%\PTP3D.EXE

Dropper information:
MD5: 09be78217764b0f0a1912b3bf06cd24b
File size: 81567 bytes

Leave a Reply