CONPRESS.EXE – Trojan Jorik

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

CONPRESS.EXE – Trojan Jorik removal

FileMD5Virus Alias
CONPRESS.EXE 1422635914a0197811d272229ab6a153 Trojan Jorik
CONPRESS.EXE 1422635914a0197811d272229ab6a153 Trojan ModifiedUPX
CONPRESS.EXE 1422635914a0197811d272229ab6a153 Trojan Downloader
CONPRESS.EXE 1422635914a0197811d272229ab6a153 Trojan Generic.KD
CONPRESS.EXE 1422635914a0197811d272229ab6a153 Trojan Agent
CONPRESS.EXE 1422635914a0197811d272229ab6a153 Backdoor Zegost

CONPRESS.EXE size: 63508 bytes
CONPRESS.EXE hash: 1422635914A0197811D272229AB6A153

Created files:

%WinDir%\Conpress.EXE

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Goldman Cao Ni Ma Bi\ReleiceName: Onnhnk aaegwa
HKLM\System\CurrentControlSet\Services\Onnhnk aaegwa\ConnectGroup: ??????
HKLM\System\CurrentControlSet\Services\Onnhnk aaegwa\MarkTime: 2013-08-20 04:56
HKLM\System\CurrentControlSet\Services\Onnhnk aaegwa\Type: 10010000
HKLM\System\CurrentControlSet\Services\Onnhnk aaegwa\Start: 02000000
HKLM\System\CurrentControlSet\Services\Onnhnk aaegwa\DisplayName: Uikkgu gomergtp
HKLM\System\CurrentControlSet\Services\Onnhnk aaegwa\ImagePath: %WinDir%\Conpress.EXE

Detected by UnHackMe:

CONPRESS.EXE
Default location: %WinDir%\CONPRESS.EXE

Dropper information:
MD5: 1422635914a0197811d272229ab6a153
File size: 63508 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images