FBDUNIST.EXE – Trojan WS.Reputation

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

FBDUNIST.EXE – Trojan WS.Reputation removal

FileMD5Virus Alias
FBDUNIST.EXE cb24492c656ac827ddec27e5aaf58a5d Trojan WS.Reputation

FBDUNIST.EXE size: 208488 bytes
FBDUNIST.EXE hash: CB24492C656AC827DDEC27E5AAF58A5D

Created files:

%AppData%\SpeedDownload\fbdchk.exe
%AppData%\SpeedDownload\FBDManager.exe
%AppData%\SpeedDownload\FBDMgr.dll
%AppData%\SpeedDownload\FBDSvcMan.exe
%AppData%\SpeedDownload\FBDUnist.exe
%AppData%\SpeedDownload\SpeedGet.exe
%AppData%\SpeedDownload\SpeedGet.tlb

Autostart registry keys:

HKLM\Software\Classes\CLSID\{5121BCAB-14D5-40AD-A469-4437CC51F7AA}\InprocServer32 : %WinDir%\System32\config\Systemprofile\Application Data\SpeedDownload\FBDMgr.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SpeedDownload: %WinDir%\System32\config\Systemprofile\Application Data\SpeedDownload\FBDManager.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\rpga: %WinDir%\System32\config\Systemprofile\Application Data\SpeedDownload\rpgchk.exe
HKLM\System\CurrentControlSet\Services\FBDSvcman\Type: 10010000
HKLM\System\CurrentControlSet\Services\FBDSvcman\Start: 02000000
HKLM\System\CurrentControlSet\Services\FBDSvcman\DisplayName: FBDSvcman
HKLM\System\CurrentControlSet\Services\FBDSvcman\ImagePath: %WinDir%\System32\config\Systemprofile\Application Data\SpeedDownload\FBDSvcMan.exe

Detected by UnHackMe:

FBDUNIST.EXE
Default location: %APPDATA%\SPEEDDOWNLOAD\FBDUNIST.EXE

Dropper information:
MD5: aafb75c8dbd68d37504819d9579b16a1
File size: 921848 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images