QUXNT.EXE – Trojan DNSChanger

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

QUXNT.EXE – Trojan DNSChanger removal

FileMD5Virus Alias
QUXNT.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan DNSChanger
QUXNT.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan SuspiciousFile
QUXNT.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan Eldorado
QUXNT.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan Downloader
QUXNT.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan PolyCrypt
QUXNT.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan Crypt

QUXNT.EXE size: 35853 bytes
QUXNT.EXE hash: 55EFCAA135E46EEB41FF9B2E35903F95

Created files:

%Program Files%\HQvideo\register.exe
%SysDir%\quxnt.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer: 85.255.116.44 85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\NameServer: 85.255.116.44 85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5CAF79F3-7B39-4653-9DDB-483419D23C12}\NameServer: 85.255.116.44,85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5CAF79F3-7B39-4653-9DDB-483419D23C12}\DhcpNameServer: 85.255.116.44,85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4AF5AD9-358D-4F1B-920C-0AF544486F26}\NameServer: 85.255.116.44,85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4AF5AD9-358D-4F1B-920C-0AF544486F26}\DhcpNameServer: 85.255.116.44,85.255.112.155

Detected by UnHackMe:

QUXNT.EXE
Default location: %SYSDIR%\QUXNT.EXE

Dropper information:
MD5: 02e7e7a1feaaac57fcf1856c4f02342c
File size: 97447 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images