ESENTUTL.EXE – Trojan Small

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

ESENTUTL.EXE – Trojan Small removal

FileMD5Virus Alias
ESENTUTL.EXE 14a88914fba4ba89bc899e2f024c52c0 Trojan Small
ESENTUTL.EXE 14a88914fba4ba89bc899e2f024c52c0 Trojan BadReputation
ESENTUTL.EXE 14a88914fba4ba89bc899e2f024c52c0 Trojan SuspiciousFile
ESENTUTL.EXE 14a88914fba4ba89bc899e2f024c52c0 Trojan XPACK
ESENTUTL.EXE 14a88914fba4ba89bc899e2f024c52c0 Trojan Eldorado
ESENTUTL.EXE 14a88914fba4ba89bc899e2f024c52c0 Trojan Downloader

ESENTUTL.EXE size: 465408 bytes
ESENTUTL.EXE hash: 14A88914FBA4BA89BC899E2F024C52C0

Created files:

%WinDir%\cmstp.exe
%WinDir%\esentutl.exe
%WinDir%\mstinit.exe
%WinDir%\System\winlogon.exe
%Local AppData%\Microsoft\lsm.exe
%TEMP%\Twain002.Mtx

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Task Scheduler: %WinDir%\mstinit.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\EseNtUtl: %WinDir%\esentutl.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\lsm service: %WinDir%\System32\config\Systemprofile\Local Settings\Application Data\Microsoft\lsm.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Connection Manager: %WinDir%\cmstp.exe

Detected by UnHackMe:

ESENTUTL.EXE
Default location: %WinDir%\ESENTUTL.EXE

Dropper information:
MD5: 14a88914fba4ba89bc899e2f024c52c0
File size: 465408 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images