Trojan Jorik – crrss.exe – 37ca17cce865589ff8460572ea2eef79

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Jorik
Also known as: Trojan FakeAV, Trojan Siggen
SHA256: 98101734657d87b4e49293dabdb904ba87fdf325031e4c778cf1dc535b1013fb
SHA1: 3208cfcfb93268fb7c67bd5dea768fbb93fe5d90
MD5: 37ca17cce865589ff8460572ea2eef79
File size: 44032 bytes

Created files:

%SysDir%\crrss.exe – Trojan Jorik
%UserProfile%\ss.exe – Trojan Jorik
%UserProfile%\winlogon.exe – Trojan Jorik

Trojan Jorik created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\crrss: %WinDir%\System32\crrss.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\System32\crrss.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\winlogon: %UserProfile%\winlogon.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: explorer.exe “%UserProfile%\winlogon.exe”

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images