I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
CFTMON.EXE – Trojan Downloader removal
| File | MD5 | Virus Alias |
|---|---|---|
| CFTMON.EXE | f61f4adeffe5e96bf757b11108f997ad | Trojan Downloader |
| CFTMON.EXE | f61f4adeffe5e96bf757b11108f997ad | Trojan Adload |
| CFTMON.EXE | f61f4adeffe5e96bf757b11108f997ad | Trojan Agent |
| CFTMON.EXE | f61f4adeffe5e96bf757b11108f997ad | Trojan Small |
| CFTMON.EXE | f61f4adeffe5e96bf757b11108f997ad | Trojan ZBot |
| CFTMON.EXE | f61f4adeffe5e96bf757b11108f997ad | Trojan Crypt |
CFTMON.EXE size: 213576 bytes
CFTMON.EXE hash: F61F4ADEFFE5E96BF757B11108F997AD
Created files:
%UserProfile%\cftmon.exe
%SysDir%\drivers\spools.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ntuser: %WinDir%\System32\drivers\spools.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\autoload: %WinDir%\System32\config\Systemprofile\cftmon.exe
HKLM\System\CurrentControlSet\Services\Schedule\ImagePath: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0064007200690076006500720073005C00730070006F006F006C0073002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ntuser: %WinDir%\System32\drivers\spools.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\autoload: %WinDir%\System32\config\Systemprofile\cftmon.exe
Detected by UnHackMe:
CFTMON.EXE
Default location: %USERPROFILE%\CFTMON.EXE
Dropper information:
MD5: 025ccf6e44819fe51244df2b7709509a
File size: 202162 bytes
Logging you in...
Loading IntenseDebate Comments...