REGISTER.EXE – Trojan DNSChanger

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

REGISTER.EXE – Trojan DNSChanger removal

FileMD5Virus Alias
REGISTER.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan DNSChanger
REGISTER.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan SuspiciousFile
REGISTER.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan Eldorado
REGISTER.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan Downloader
REGISTER.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan PolyCrypt
REGISTER.EXE 55efcaa135e46eeb41ff9b2e35903f95 Trojan Crypt

REGISTER.EXE size: 35853 bytes
REGISTER.EXE hash: 55EFCAA135E46EEB41FF9B2E35903F95

Created files:

%Program Files%\HQvideo\register.exe
%SysDir%\quxnt.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer: 85.255.116.44 85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\NameServer: 85.255.116.44 85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5CAF79F3-7B39-4653-9DDB-483419D23C12}\NameServer: 85.255.116.44,85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5CAF79F3-7B39-4653-9DDB-483419D23C12}\DhcpNameServer: 85.255.116.44,85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4AF5AD9-358D-4F1B-920C-0AF544486F26}\NameServer: 85.255.116.44,85.255.112.155
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4AF5AD9-358D-4F1B-920C-0AF544486F26}\DhcpNameServer: 85.255.116.44,85.255.112.155

Detected by UnHackMe:

REGISTER.EXE
Default location: %PROGRAM FILES%\HQVIDEO\REGISTER.EXE

Dropper information:
MD5: 02e7e7a1feaaac57fcf1856c4f02342c
File size: 97447 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images