Trojan Graftor – ZSHP1020Update.exe.lnk – 14b19cd7d0cdb9f016c3e673b0b42ac2

Trojan Graftor
Also known as: Trojan Downloader.Generic, Trojan Jorik
SHA256: 8b8df95434e9c11fc52eb1cf317557b762fe409358a15a38f909ddd50850954f
SHA1: 6fe715e43dd48ea52dc9ed103422e2eb9462ad3f
MD5: 14b19cd7d0cdb9f016c3e673b0b42ac2
File size: 247408 bytes

Created files:

%Recent%\ZSHP1020Update.exe.lnk – Trojan Graftor

Trojan Graftor created autostart registry keys:

HKLM\System\CurrentControlSet\Services\HpPrintSpooler\Type: 10010000
HKLM\System\CurrentControlSet\Services\HpPrintSpooler\Start: 02000000
HKLM\System\CurrentControlSet\Services\HpPrintSpooler\DisplayName: HP Print Spooler
HKLM\System\CurrentControlSet\Services\HpPrintSpooler\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\HpPrintSpooler\Description: Enable to run on this computer HP Print Spooler. If you stop the service, HP Print Spooler will be unavailable. If disabled, any services directly dependent on this service will not start.
HKLM\System\CurrentControlSet\Services\HpPrintSpooler\SBIE_Win32ExitCode: 02000000
HKLM\System\CurrentControlSet\Services\HpPrintSpooler\Parameters\ServiceDll: 43003A005C0044006F00630075006D0065006E0074007300200061006E0064002000530065007400740069006E00670073005C0055005300450052005C0052006500630065006E0074005C005A0053004800500031003000320030005500700064006100740065002E006500780065002E006C006E006B000000
HKLM\System\CurrentControlSet\Services\HpPrintSpooler\Parameters\ServiceMain: OceanArk
