Solved! Use FTP33.DLL (Trojan Downloader) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

FTP33.DLL – Trojan Downloader removal

File MD5 Virus Alias
FTP33.DLL f00d56b8179157d274013a713d6f4944 Trojan Downloader
FTP33.DLL f00d56b8179157d274013a713d6f4944 Trojan Eldorado
FTP33.DLL f00d56b8179157d274013a713d6f4944 Trojan PAM
FTP33.DLL f00d56b8179157d274013a713d6f4944 Trojan Agent
FTP33.DLL f00d56b8179157d274013a713d6f4944 Trojan Small
FTP33.DLL f00d56b8179157d274013a713d6f4944 Virus Sality

FTP33.DLL size: 5120 bytes
FTP33.DLL hash: F00D56B8179157D274013A713D6F4944

Created files:

%SysDir%\drivers\spools.exe
%SysDir%\ftp33.dll
%UserProfile%\cftmon.exe
%UserProfile%\ftp33.dll

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ntuser: %WinDir%\System32\drivers\spools.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\autoload: %UserProfile%\cftmon.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit: %WinDir%\System32\userinit.exe,
HKLM\System\CurrentControlSet\Services\Schedule\ImagePath: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0064007200690076006500720073005C00730070006F006F006C0073002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ntuser: %WinDir%\System32\drivers\spools.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\autoload: %UserProfile%\cftmon.exe

Detected by UnHackMe:

FTP33.DLL
Default location: %SYSDIR%\FTP33.DLL

Dropper information:
MD5: c5ff76d09a8d2c731f67d5e8e4d049e0
File size: 85920 bytes

Leave a Reply