Trojan Jorik – tcptsys.exe – 7b1ab32e04aff968394052d57cba713e

August 15, 2012

Alex NightWatcher

Trojan 1 Comment

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Jorik
Also known as: Worm Autorun, Trojan Downloader.Generic
SHA256: f29940bf78d11d7969d1d24cf9d335cff1e74408fd520da1a972b31e4072b38b
SHA1: e387e86ca174512b685ca72e66971dbf5324cf71
MD5: 7b1ab32e04aff968394052d57cba713e
File size: 102400 bytes

Created files:

%SysDir%\drivers\tcpip.sys – Trojan Jorik
%WinDir%\tcptsys.exe – Trojan Jorik

Trojan Jorik created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Microsoft Driver Setup: %WinDir%\tcptsys.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Driver Setup: %WinDir%\tcptsys.exe

One response on “Trojan Jorik – tcptsys.exe – 7b1ab32e04aff968394052d57cba713e”

dmitrysokolov Post authorAugust 16, 2012 at 10:46
Hi,
Very useful!
Thanks
Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.