I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
ESENTUTL.EXE – Trojan Downloader removal
| File | MD5 | Virus Alias |
|---|---|---|
| ESENTUTL.EXE | 161f2c66cc092f9a4ac6fb32d5a7bd58 | Trojan Downloader |
| ESENTUTL.EXE | 161f2c66cc092f9a4ac6fb32d5a7bd58 | Trojan Hllw |
| ESENTUTL.EXE | 161f2c66cc092f9a4ac6fb32d5a7bd58 | Trojan Eldorado |
| ESENTUTL.EXE | 161f2c66cc092f9a4ac6fb32d5a7bd58 | Worm Autorun |
| ESENTUTL.EXE | 161f2c66cc092f9a4ac6fb32d5a7bd58 | Trojan Agent |
| ESENTUTL.EXE | 161f2c66cc092f9a4ac6fb32d5a7bd58 | Trojan Scar |
ESENTUTL.EXE size: 96256 bytes
Created files:
C:\cisvc.exe
%WinDir%\System32\config\systemprofile\Local Settings\Application Data\ieudinit.exe
%WinDir%\System32\config\systemprofile\Local Settings\Application Data\Microsoft\esentutl.exe
%WinDir%\System32\drivers\comrepl.exe
%WinDir%\System32\drivers\sessmgr.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ComRepl: %WinDir%\System32\drivers\comrepl.exe /waitservice
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Esent Utl: %WinDir%\System32\config\SYSTEM~1\LOCALS~1\APPLIC~1\MICROS~1\esentutl.exe /waitservice
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: %WinDir%\System32\config\SYSTEM~1\LOCALS~1\APPLIC~1\ieudinit.exe
Detected by UnHackMe:
ESENTUTL.EXE
Default location: %LOCAL APPDATA%\MICROSOFT\ESENTUTL.EXE
Dropper information:
MD5: 161f2c66cc092f9a4ac6fb32d5a7bd58
File size: 96256 bytes