MRUP.EXE – Trojan Downloader removal
File | MD5 | Virus Alias |
---|---|---|
MRUP.EXE | 8745c4c253f75e6b12f950eee825c720 | Trojan Downloader |
MRUP.EXE | 8745c4c253f75e6b12f950eee825c720 | Trojan SuspiciousFile |
MRUP.EXE | 8745c4c253f75e6b12f950eee825c720 | Trojan Agent |
MRUP.EXE size: 24576 bytes
MRUP.EXE hash: 8745C4C253F75E6B12F950EEE825C720
Created files:
%Program Files%\DeskAdTop\deskipn.dll
%Program Files%\DeskAdTop\DeskUn.exe
%Program Files%\DeskAdTop\fshook.dll
%Program Files%\DeskAdTop\Mrup.exe
%Program Files%\DeskAdTop\Run.dll
%Program Files%\DeskAdTop\_uninstall
%SysDir%\cnwin.dll
%TEMP%\204.exe
%TEMP%\ad1760.exe
%TEMP%\bind_50103.exe
%TEMP%\dodolook057.exe
%TEMP%\MIS_724_0.EXE
%TEMP%\mms_724.exe
%TEMP%\setup168.exe
%TEMP%\tdsetup.exe
Autostart registry keys:
HKLM\Software\Classes\CLSID\{08A312BB-5409-49FC-9347-54BB7D069AC6}\InprocServer32 : %Program Files%\DeskAdTop\deskipn.dll
HKLM\Software\Classes\CLSID\{EC497BD8-460F-44F0-B2A4-8C2B2198035B}\InprocServer32 : %WinDir%\System32\cnwin.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\tdsetup.exe: %TEMP%\tdsetup.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\bind_50103.exe: %TEMP%\bind_50103.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\dodolook057.exe: %TEMP%\dodolook057.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\mms_724.exe: %TEMP%\mms_724.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\setup168.exe: %TEMP%\setup168.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Desktop: %WinDir%\System32\rundll32.exe "%Program Files%\DeskAdTop\Run.dll" ,Rundll
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\%TEMP%\ad1760.exe: %TEMP%\ad1760.exe
Detected by UnHackMe:
MRUP.EXE
Default location: %PROGRAM FILES%\DESKADTOP\MRUP.EXE
Dropper information:
MD5: 1ce02e2452976b3d9cece806fe6736ec
File size: 995928 bytes