OLEAUT32.DLL – Trojan WS.Reputation

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

OLEAUT32.DLL – Trojan WS.Reputation removal

FileMD5Virus Alias
OLEAUT32.DLL ccc46e689e814aaec5c171c659474a16 Trojan WS.Reputation

OLEAUT32.DLL size: 626960 bytes
OLEAUT32.DLL hash: CCC46E689E814AAEC5C171C659474A16

Created files:

%TEMP%\vsp143\ASYCFILT.DLL
%TEMP%\vsp143\COMCAT.DLL
%TEMP%\vsp143\misc\memo.res
%TEMP%\vsp143\MSDERUN.DLL
%TEMP%\vsp143\MSVBVM60.DLL
%TEMP%\vsp143\OLEAUT32.DLL
%TEMP%\vsp143\OLEPRO32.DLL
%TEMP%\vsp143\run\ASYCFILT.DLL
%TEMP%\vsp143\run\COMCAT.DLL
%TEMP%\vsp143\run\main.exe
%TEMP%\vsp143\run\MSDERUN.DLL
%TEMP%\vsp143\run\MSVBVM60.DLL
%TEMP%\vsp143\run\OLEAUT32.DLL
%TEMP%\vsp143\run\OLEPRO32.DLL
%TEMP%\vsp143\run\SHELLLNK.TLB
%TEMP%\vsp143\run\STDOLE2.TLB
%TEMP%\vsp143\run\uninstall.exe
%TEMP%\vsp143\run\update.exe
%TEMP%\vsp143\run\VB6StKit.dll
%TEMP%\vsp143\setup.exe
%TEMP%\vsp143\SHELLLNK.TLB
%TEMP%\vsp143\STDOLE2.TLB
%TEMP%\vsp143\VB6StKit.dll

Autostart registry keys:

HKLM\Software\Classes\CLSID\{E9CE1D22-7F9C-F20B-7F9C-F20B7F9CF20B}\InprocServer32 : %WinDir%\System32\quartz.dll
HKLM\Software\Classes\CLSID\{E9CE1D22-7F9C-F20B-7F9C-F20B7F9CF20B}\InprocServer32\ThreadingModel: Both

Detected by UnHackMe:

OLEAUT32.DLL
Default location: %TEMP%\VSP143\OLEAUT32.DLL

Dropper information:
MD5: 632a699fd46b68fa5beef83d337ed8cb
File size: 4305238 bytes

Leave a Reply