OCBI.FON – Trojan QQPass

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

OCBI.FON – Trojan QQPass removal

FileMD5Virus Alias
OCBI.FON 2ca437a3c38a574dc186ee757945236f Trojan QQPass
OCBI.FON 2ca437a3c38a574dc186ee757945236f Trojan SuspiciousFile
OCBI.FON 2ca437a3c38a574dc186ee757945236f Trojan OnLineGames
OCBI.FON 2ca437a3c38a574dc186ee757945236f Worm Autorun
OCBI.FON 2ca437a3c38a574dc186ee757945236f Trojan Agent
OCBI.FON 2ca437a3c38a574dc186ee757945236f Trojan Delf

OCBI.FON size: 35328 bytes
OCBI.FON hash: 2CA437A3C38A574DC186EE757945236F

Created files:

%WinDir%\Fonts\njfmp.fon
%WinDir%\Fonts\ocbi.fon

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\DrvKiller\Type: 01000000
HKLM\System\CurrentControlSet\Services\DrvKiller\Start: 03000000
HKLM\System\CurrentControlSet\Services\DrvKiller\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\DrvKiller\DisplayName: DrvKiller
HKLM\System\CurrentControlSet\Services\DrvKiller\ImagePath: %WinDir%\Fonts\njfmp.fon

Detected by UnHackMe:

OCBI.FON
Default location: %WinDir%\FONTS\OCBI.FON

Dropper information:
MD5: 04369ac2fbbf6aee494e9208fe560908
File size: 98816 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images