SPOOLER.EXE – Trojan SuspiciousFile


SPOOLER.EXE – Trojan SuspiciousFile removal

File: SPOOLER.EXE
MD5: b4c7fa53d061050252ffcbc5c2986081
Virus alias: Trojan SuspiciousFile

SPOOLER.EXE size: 123912 bytes
SPOOLER.EXE hash: B4C7FA53D061050252FFCBC5C2986081

Created files:


Detected by UnHackMe:

SPOOLER.EXE
Default location: %TEMP%\SPOOLER.EXE

Dropper information:
MD5: 6881bde35ce918c21e7f39cf8f1c696c
File size: 16807084 bytes
