I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
RINST.EXE – Trojan Downloader removal
File | MD5 | Virus Alias |
---|---|---|
RINST.EXE | c2945ee5c57f33f8bbb6a4f6d539180b | Trojan Downloader |
RINST.EXE | c2945ee5c57f33f8bbb6a4f6d539180b | Trojan SuspiciousFile |
RINST.EXE | c2945ee5c57f33f8bbb6a4f6d539180b | Trojan Agent |
RINST.EXE | c2945ee5c57f33f8bbb6a4f6d539180b | Trojan Small |
RINST.EXE size: 7680 bytes
RINST.EXE hash: C2945EE5C57F33F8BBB6A4F6D539180B
Created files:
C:\CONFIG.SYS
C:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\brndlog.bak
C:\Documents and Settings\Default User\SendTo\Compressed (zipped) Folder.ZFSendToTarget
C:\Documents and Settings\Default User\SendTo\Desktop (create shortcut).DeskLink
C:\Documents and Settings\Default User\SendTo\Mail Recipient.MAPIMail
C:\Documents and Settings\Default User\Templates\amipro.sam
C:\Documents and Settings\Default User\Templates\lotus.wk4
C:\Documents and Settings\Default User\Templates\powerpnt.ppt
C:\Documents and Settings\Default User\Templates\presenta.shw
C:\Documents and Settings\Default User\Templates\quattro.wb2
C:\Documents and Settings\Default User\Templates\wordpfct.wpd
C:\Documents and Settings\Default User\Templates\wordpfct.wpg
C:\pk.bin
C:\rinst.exe
C:\svchost.exe
C:\svchosthk.dll
C:\svchostwb.dll
%TEMP%\RarSFX0\OOCR.exe
%TEMP%\RarSFX0\pk.bin
%TEMP%\RarSFX0\rinst.exe
%TEMP%\RarSFX0\svchost.exe
%TEMP%\RarSFX0\svchosthk.dll
%TEMP%\RarSFX0\svchostwb.dll
Detected by UnHackMe:
RINST.EXE
Default location: C:\RINST.EXE
Dropper information:
MD5: 83adb3952c225d45a0feeededeef7a83
File size: 331836 bytes