Trojan Graftor – PresidePageant.exe – 0c218b6c456996871268b08cb11993e7

Trojan Graftor
Also known as: Trojan Agent, Trojan Scar
SHA256: f96f233522958327b81a990ecaa7881e2428a98b9e0db08e73fa19431bb09c90
SHA1: baeaa7d24167917ca9a545c6cadbf497265507f9
MD5: 0c218b6c456996871268b08cb11993e7
File size: 87040 bytes

Created files:

%Program Files%\CaulkHarridan\PresidePageant.exe – Trojan Graftor
%Program Files%\FlexDissonant\LevitateTournament.exe – Trojan Graftor
%WinDir%\ZAYUOZBIDUJF.dll – Trojan Graftor
%Temp%\LongitudeContortion.exe – Trojan Graftor

Trojan Graftor created autostart registry keys:

HKLM\Software\Classes\CLSID\{F4BAEFBE-7CF3-0EA8-3E22-080C5180AC1F}\InprocServer32 : %WinDir%\ZAYUOZBIDUJF.dll
HKLM\Software\Classes\CLSID\{F4BAEFBE-7CF3-0EA8-3E22-080C5180AC1F}\InprocServer32\ThreadingModel: Apartment
HKLM\System\CurrentControlSet\Services\ImplicitVandalize\Type: 10010000
HKLM\System\CurrentControlSet\Services\ImplicitVandalize\Start: 02000000
HKLM\System\CurrentControlSet\Services\ImplicitVandalize\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ImplicitVandalize\DisplayName: ImplicitVandalize
HKLM\System\CurrentControlSet\Services\ImplicitVandalize\ImagePath: %Program Files%\FlexDissonant\LevitateTournament.exe VandalizePreside
HKLM\System\CurrentControlSet\Services\VandalizePreside\Type: 10010000
HKLM\System\CurrentControlSet\Services\VandalizePreside\Start: 02000000
HKLM\System\CurrentControlSet\Services\VandalizePreside\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\VandalizePreside\DisplayName: VandalizePreside
HKLM\System\CurrentControlSet\Services\VandalizePreside\ImagePath: %Program Files%\CaulkHarridan\PresidePageant.exe IntricacyRail
