I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
9KWG.EXE – Trojan Jorik removal
| File | MD5 | Virus Alias |
|---|---|---|
| 9KWG.EXE | ed1ccf26506aa8435082a54d21e258d6 | Trojan Jorik |
| 9KWG.EXE | ed1ccf26506aa8435082a54d21e258d6 | Rootkit TDSS |
| 9KWG.EXE | ed1ccf26506aa8435082a54d21e258d6 | Trojan OnLineGames |
| 9KWG.EXE | ed1ccf26506aa8435082a54d21e258d6 | Trojan Agent |
9KWG.EXE size: 99328 bytes
9KWG.EXE hash: ED1CCF26506AA8435082A54D21E258D6
Created files:
%SysDir%\3A7A0844.sys
%TEMP%\Temp\9kwg.exe
%TEMP%\Temp\DNFBox.exe
%TEMP%\_ir_sf_temp_0\lua5.1.dll
Autostart registry keys:
HKLM\System\CurrentControlSet\Control\Keyboard Layouts\E0010409\Layout File: KBDUS.DLL
HKLM\System\CurrentControlSet\Control\Keyboard Layouts\E0010409\Layout Text: 175053C1
HKLM\System\CurrentControlSet\Services\3A7A0844\Type: 01000000
HKLM\System\CurrentControlSet\Services\3A7A0844\ImagePath: 730079007300740065006D00330032005C00330041003700410030003800340034002E007300790073000000
HKLM\System\CurrentControlSet\Services\3A7A0844\Group: 42006100730065000000
Detected by UnHackMe:
9KWG.EXE
Default location: %TEMP%\TEMP\9KWG.EXE
Dropper information:
MD5: ab195a920cd6fb404d8def55a072d33f
File size: 3612672 bytes