CTFMONSS.EXE – Trojan StartPage

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

CTFMONSS.EXE – Trojan StartPage removal

FileMD5Virus Alias
CTFMONSS.EXE 5e95e38dbc16361b9166140db8e64ee8 Trojan StartPage
CTFMONSS.EXE 5e95e38dbc16361b9166140db8e64ee8 Trojan Artemis
CTFMONSS.EXE 5e95e38dbc16361b9166140db8e64ee8 Trojan Generic
CTFMONSS.EXE 5e95e38dbc16361b9166140db8e64ee8 Trojan Small

CTFMONSS.EXE size: 29696 bytes
CTFMONSS.EXE hash: 5E95E38DBC16361B9166140DB8E64EE8

Created files:

%SysDir%\CSRSSW.EXE
%SysDir%\CTFMONSS.EXE
%WinDir%\wtlbass32.dll

Autostart registry keys:

HKLM\Software\Classes\CLSID\{A0ED918D-B8E6-4c3d-BD15-1DB1AE9A5DD3}\InprocServer32 : %WinDir%\wtlbass32.dll
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\CTFMONSS: %WinDir%\System32\CTFMONSS.EXE
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\CSRSSW: %WinDir%\System32\CSRSSW.EXE

Detected by UnHackMe:

CTFMONSS.EXE
Default location: %SYSDIR%\CTFMONSS.EXE

Dropper information:
MD5: 5e95e38dbc16361b9166140db8e64ee8
File size: 29696 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images