QBH9KL.HIX – Trojan Kazy


QBH9KL.HIX – Trojan Kazy removal

File        MD5                               Virus alias
QBH9KL.HIX  2d96167af75220fb74a969458aa4237e  Trojan Kazy
QBH9KL.HIX  2d96167af75220fb74a969458aa4237e  Suspicious File
QBH9KL.HIX  2d96167af75220fb74a969458aa4237e  Trojan Eldorado
QBH9KL.HIX  2d96167af75220fb74a969458aa4237e  Trojan Agent
QBH9KL.HIX  2d96167af75220fb74a969458aa4237e  Backdoor Zegost
QBH9KL.HIX  2d96167af75220fb74a969458aa4237e  Backdoor Farfli

QBH9KL.HIX size: 147456 bytes
QBH9KL.HIX hash: 2D96167AF75220FB74A969458AA4237E

Created files:

%Program Files Common%\Microsoft Shared\MSInfo\Qbh9kL.hix

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\E0moC3ki\Type: 20010000
HKLM\System\CurrentControlSet\Services\E0moC3ki\Start: 02000000
HKLM\System\CurrentControlSet\Services\E0moC3ki\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\E0moC3ki\DisplayName: Microsoft Managers DeviceW28TJAAUBW1H3FP3A6ZI
HKLM\System\CurrentControlSet\Services\E0moC3ki\ImagePath: %SystemRoot%\System32\svchost.exe -k E0moC3ki
HKLM\System\CurrentControlSet\Services\E0moC3ki\Description: 4E006500740077006F0072006B002000610064006400720065007300730020007400720061006E0073006C006100740069006F006E00200066006F007200200020006E006500740077006F0072006B0073002E000000
HKLM\System\CurrentControlSet\Services\E0moC3ki\Parameters\ServiceDll: 43003A005C00500072006F006700720061006D002000460069006C00650073005C0043006F006D006D006F006E002000460069006C00650073005C004D006900630072006F0073006F006600740020005300680061007200650064005C004D00530049006E0066006F005C005C0051006200680039006B004C002E006800690078000000
HKLM\System\CurrentControlSet\Services\E0moC3ki\Parameters\ServiceMain: Dot3svc

Detected by UnHackMe:

QBH9KL.HIX
Default location: %PROGRAM FILES COMMON%\MICROSOFT SHARED\MSINFO\QBH9KL.HIX

Dropper information:
MD5: 70b07bbd1b2386a49f5d85ff458f0111
File size: 174592 bytes
