Trojan Malagent – winlogon.exe – 0e51105a38ec29059871d210021f339f

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Malagent
Also known as: Worm Autorun, Trojan Agent
SHA256: 517064445e08d765d56fba1181beee09de69bdb80b2c19fd69712b64681784af
SHA1: ecc4400be9960ab539610c3e6e9d878dc8a1a2af
MD5: 0e51105a38ec29059871d210021f339f
File size: 602288 bytes

Created files:

%Common Startmenu%\Programs\Startup\winlogon.exe – Trojan Malagent
%Common Startmenu%\Programs\winlogon.exe – Trojan Malagent
%Common Startmenu%\winlogon.exe – Trojan Malagent
%UserProfile%\25543555\winlogon.exe – Trojan Malagent
%Startup%\winlogon.exe – Trojan Malagent
%Startmenu%\Programs\winlogon.exe – Trojan Malagent
%Startmenu%\winlogon.exe – Trojan Malagent

Trojan Malagent created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\CA92078A62DE3BDAA1E3323692E86B08CC1CACAC1D1362BC: %UserProfile%\25543555\winlogon.exe
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\DisableNotifications: 01000000
HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\DisableNotifications: 01000000
HKLM\System\CurrentControlSet\Services\sr\Start: 04000000
HKLM\System\CurrentControlSet\Services\wscsvc\Start: 04000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\8C4360D1300271B1D6E443121F7E774CA8B072EB3ABC1AD4: %UserProfile%\25543555\winlogon.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images