I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
msshell.exe – Trojan ZBot removal
| File | Virus Alias |
|---|---|
| msshell.exe | Trojan ZBot |
| msshell.exe | Trojan CI |
| msshell.exe | Trojan Buzus |
Created files:
%SysDir%\config\systemprofile\Application Data\Microsoft\Windows\.data
%SysDir%\config\systemprofile\Application Data\Microsoft\Windows\msshell.exe
%SysDir%\config\systemprofile\Application Data\Microsoft\Windows\unicode2.nls
Autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MSShell: %AppData%\Microsoft\Windows\msshell.exe
Detected by UnHackMe:
msshell.exe
Default location: %SysDir%\config\systemprofile\Application Data\Microsoft\Windows\msshell.exe
Dropper information:
SHA256: 81063c23011b56e5b91f0ab6f1ce4251c01af361d1c65deef3181c9d8c72e7c9
SHA1: 8f63dc2f846c165c92b4199c5e5e3a39d479032f
MD5: d941b0d340017a39b190eb9958743a92
File size: 302592 bytes