MEDIO.EXE – Trojan Kazy removal
File | MD5 | Virus Alias |
---|---|---|
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Trojan Kazy |
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Trojan Win32-Spy |
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Trojan SuspiciousFile |
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Trojan DNAScan |
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Backdoor Poison |
MEDIO.EXE size: 574090 bytes
MEDIO.EXE hash: B89CD22D7393DE28DA8A5CB4073C72C0
Created files:
%WinDir%\install\chrome.exe
%TEMP%\IXP000.TMP\citadel.exe
%TEMP%\IXP000.TMP\medio.exe
%TEMP%\UuU.uUu
%TEMP%\XxX.xXx
Autostart registry keys:
HKLM\Software\Microsoft\Active Setup\Installed Components\{GYHTFHI8-H5ED-2PS4-7KJI-7Q2678X0553X}\StubPath: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\HKLM: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 "%TEMP%\IXP000.TMP\"
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\HKCU: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
Detected by UnHackMe:
MEDIO.EXE
Default location: %TEMP%\IXP000.TMP\MEDIO.EXE
Dropper information:
MD5: 43b2857880e5bd9200d002b02db4a20d
File size: 1269248 bytes