Trojan FakeAV – cqf.exe – 0a2d8ddee3cb9665b967d84b0cecc7c1

August 22, 2012

Alex NightWatcher

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan FakeAV
Also known as: Trojan Kryptik, Trojan Agent
SHA256: 7690b8ea10ecf7b46bc4fd7c558cd8d1e16c1b44e53fc3e06b0407ccdb0a7400
SHA1: 28d7b28a403c9889122712c86f84b4b79d460389
MD5: 0a2d8ddee3cb9665b967d84b0cecc7c1
File size: 323584 bytes

Created files:

%Local AppData%\cqf.exe – Trojan FakeAV

Trojan FakeAV created autostart registry keys:

HKLM\System\CurrentControlSet\Services\SharedAccess\Start: 04000000
HKLM\System\CurrentControlSet\Services\wuauserv: deleted registry key
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe: %WinDir%\System32\ctfmon.exe

Leave a Reply Cancel reply

You must be logged in to post a comment.