I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
ROLLINGPOP_S.EXE – Trojan BadReputation removal
| File | MD5 | Virus Alias |
|---|---|---|
| ROLLINGPOP_S.EXE | eedfe1a35eded5bac95c404b18d63a38 | Trojan BadReputation |
ROLLINGPOP_S.EXE size: 32624 bytes
ROLLINGPOP_S.EXE hash: EEDFE1A35EDED5BAC95C404B18D63A38
Created files:
%SysDir%\Base64.dll
%AppData%\RollingPop\NTVBSvc.tlb
%AppData%\RollingPop\RollingPop_E.exe
%AppData%\RollingPop\RollingPop_R.exe
%AppData%\RollingPop\RollingPop_S.exe
%AppData%\RollingPop\RollingPop_U.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\RollingPop_Service\Type: 10000000
HKLM\System\CurrentControlSet\Services\RollingPop_Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\RollingPop_Service\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\RollingPop_Service\DisplayName: RollingPop_Service
HKLM\System\CurrentControlSet\Services\RollingPop_Service\ImagePath: %WinDir%\System32\config\Systemprofile\Application Data\RollingPop\RollingPop_S.exe ROLL05
HKLM\System\CurrentControlSet\Services\RollingPop_Service\ObjectName: LocalSystem
Detected by UnHackMe:
ROLLINGPOP_S.EXE
Default location: %APPDATA%\ROLLINGPOP\ROLLINGPOP_S.EXE
Dropper information:
MD5: 565aec3aaac9ffd77c71eb7fabe2d03b
File size: 1251200 bytes