MQTGSVC.EXE – Trojan Small

MQTGSVC.EXE – Trojan Small removal

File    MD5    Virus Alias
MQTGSVC.EXE 01a4a1f8b34c38bdbb3bed848ad5bf57 Trojan Small
MQTGSVC.EXE 01a4a1f8b34c38bdbb3bed848ad5bf57 Suspicious File
MQTGSVC.EXE 01a4a1f8b34c38bdbb3bed848ad5bf57 Trojan Artemis
MQTGSVC.EXE 01a4a1f8b34c38bdbb3bed848ad5bf57 Trojan Generic
MQTGSVC.EXE 01a4a1f8b34c38bdbb3bed848ad5bf57 Trojan Eldorado
MQTGSVC.EXE 01a4a1f8b34c38bdbb3bed848ad5bf57 Trojan Downloader

MQTGSVC.EXE size: 465408 bytes
MQTGSVC.EXE hash: 01A4A1F8B34C38BDBB3BED848AD5BF57

Created files:

%WinDir%\System32\config\systemprofile\Local Settings\Application Data\cmstp.exe
%WinDir%\System32\config\systemprofile\Local Settings\Application Data\Microsoft\mqtgsvc.exe
%WinDir%\System32\drivers\logman.exe
%TEMP%\Twain002.Mtx
%AllUsersProfile%\mstinit.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Logman: %WinDir%\System32\drivers\logman.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Connection Manager: %Local AppData%\cmstp.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\MessageService: %Local AppData%\Microsoft\mqtgsvc.exe

Detected by UnHackMe:

MQTGSVC.EXE
Default location: %LOCAL APPDATA%\MICROSOFT\MQTGSVC.EXE

Dropper information:
MD5: 01a4a1f8b34c38bdbb3bed848ad5bf57
File size: 465408 bytes
