I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
MPLAYERW.EXE – Trojan Comame removal
| File | MD5 | Virus Alias |
|---|---|---|
| MPLAYERW.EXE | 7921c0995e582a37b33dad76993931c5 | Trojan Comame |
| MPLAYERW.EXE | 7921c0995e582a37b33dad76993931c5 | Trojan Generic |
| MPLAYERW.EXE | 7921c0995e582a37b33dad76993931c5 | Trojan Xema |
| MPLAYERW.EXE | 7921c0995e582a37b33dad76993931c5 | Trojan PAM |
| MPLAYERW.EXE | 7921c0995e582a37b33dad76993931c5 | Trojan Agent |
| MPLAYERW.EXE | 7921c0995e582a37b33dad76993931c5 | Trojan Crypt |
MPLAYERW.EXE size: 252528 bytes
MPLAYERW.EXE hash: 7921C0995E582A37B33DAD76993931C5
Created files:
C:\Windows\Help\intret.cnt
C:\Windows\Syssrc32.exe
C:\Windows\System\applets.exe
C:\Windows\System\Explorer.exe
C:\Windows\System\fndfst32.exe
C:\Windows\System\mplayerw.exe
C:\Windows\System\Sysexp32.exe
%Temp%\163841.dmp
Autostart registry keys:
HKLM\Software\Classes\txtfile\shell\open\command\Explore: %SystemRoot%\System32\NOTEPAD.EXE %1
HKLM\Software\Classes\txtfile\shell\open\command : C:\Windows\System\Sysexp32.exe %1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\System applets: C:\Windows\System\applets.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Syssrc32: C:\Windows\Syssrc32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\fndfst32: C:\Windows\System\fndfst32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Explorer Shell: C:\Windows\System\Explorer.exe
Detected by UnHackMe:
MPLAYERW.EXE
Default location: %WinDir%\SYSTEM\MPLAYERW.EXE
Dropper information:
MD5: 0e19a441f357250d6ba5fea5fba35984
File size: 223846 bytes