SHEDOWFITER.EXE – Trojan, Suspicious File removal
File | MD5 | Virus Alias |
---|---|---|
SHEDOWFITER.EXE | cf53b5d71abe101213d890f52e97ebf0 | Trojan, Suspicious File |
SHEDOWFITER.EXE | cf53b5d71abe101213d890f52e97ebf0 | Trojan DLOADER |
SHEDOWFITER.EXE | cf53b5d71abe101213d890f52e97ebf0 | Trojan PAK_Generic |
SHEDOWFITER.EXE | cf53b5d71abe101213d890f52e97ebf0 | Trojan Generic |
SHEDOWFITER.EXE | cf53b5d71abe101213d890f52e97ebf0 | Trojan DNAScan |
SHEDOWFITER.EXE size: 69632 bytes
SHEDOWFITER.EXE hash: CF53B5D71ABE101213D890F52E97EBF0
Created files:
%SysDir%\dllcache\rasapi32.dll.gaga
%SysDir%\e0x2.dll
%SysDir%\e4882184.e48
%SysDir%\edclient.exe
%SysDir%\rasapi32.dll.bak
%SysDir%\rasapi32.dll.bak1
%SysDir%\secposs.exe
%SysDir%\shedowfiter.exe
%SysDir%\vstaroge.exe
%SysDir%\wloadclient.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\54rk
Detected by UnHackMe:
SHEDOWFITER.EXE
Default location: %SYSDIR%\SHEDOWFITER.EXE
Dropper information:
MD5: 7e1e091cf0f39b90a56e1ba21aa1ae87
File size: 348160 bytes