I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
FONTCACHE.EXE – Trojan Graftor removal
| File | MD5 | Virus Alias |
|---|---|---|
| FONTCACHE.EXE | e7ed072b2ef208a151cfad7e695a80ba | Trojan Graftor |
| FONTCACHE.EXE | e7ed072b2ef208a151cfad7e695a80ba | Trojan Generic |
| FONTCACHE.EXE | e7ed072b2ef208a151cfad7e695a80ba | Trojan Eldorado |
| FONTCACHE.EXE | e7ed072b2ef208a151cfad7e695a80ba | Backdoor RBot |
| FONTCACHE.EXE | e7ed072b2ef208a151cfad7e695a80ba | Trojan Downloader |
| FONTCACHE.EXE | e7ed072b2ef208a151cfad7e695a80ba | Trojan Agent |
FONTCACHE.EXE size: 36864 bytes
FONTCACHE.EXE hash: E7ED072B2EF208A151CFAD7E695A80BA
Created files:
%WinDir%\Microsoft.NET\Framework\v3.0\WPF\Caches.exe
%WinDir%\Microsoft.NET\Framework\v3.0\WPF\FontCache.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\FontCache3.0\Type: 10010000
HKLM\System\CurrentControlSet\Services\FontCache3.0\Start: 02000000
HKLM\System\CurrentControlSet\Services\FontCache3.0\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\FontCache3.0\DisplayName: Windows Presentation Foundation Fonts 3.0.0.0
HKLM\System\CurrentControlSet\Services\FontCache3.0\ImagePath: cmd.exe /c start %WinDir%\Microsoft.NET\Framework\v3.0\WPF\FontCache.exe
Detected by UnHackMe:
FONTCACHE.EXE
Default location: %WinDir%\MICROSOFT.NET\FRAMEWORK\V3.0\WPF\FONTCACHE.EXE
Dropper information:
MD5: e7ed072b2ef208a151cfad7e695a80ba
File size: 36864 bytes