VNC1.EXE – Trojan UnwantedProgram

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

VNC1.EXE – Trojan UnwantedProgram removal

FileMD5Virus Alias
VNC1.EXE 14a729faa4cc7258b395344c916e2fb4 Trojan UnwantedProgram
VNC1.EXE 14a729faa4cc7258b395344c916e2fb4 Trojan SuspiciousFile
VNC1.EXE 14a729faa4cc7258b395344c916e2fb4 Trojan Adload

VNC1.EXE size: 805974 bytes
VNC1.EXE hash: 14A729FAA4CC7258B395344C916E2FB4

Created files:

%SysDir%\System64.dll
%SysDir%\vnc\00.exe
%SysDir%\vnc\s.exe
%SysDir%\vnc\vnc.exe
%SysDir%\vnc\VNCLink.exe
%TEMP%\E_4\krnln.fnr
%TEMP%\r.exe
%TEMP%\vnc1.exe
%TEMP%\????????VNC?????.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Windows System Evnt Notification\Type: 10010000
HKLM\System\CurrentControlSet\Services\Windows System Evnt Notification\Start: 02000000
HKLM\System\CurrentControlSet\Services\Windows System Evnt Notification\DisplayName: Windows System Evnt Notification
HKLM\System\CurrentControlSet\Services\Windows System Evnt Notification\ImagePath: %SystemRoot%\System32\svchost.exe -k netservice
HKLM\System\CurrentControlSet\Services\Windows System Evnt Notification\DependOnService: RpcSs
HKLM\System\CurrentControlSet\Services\Windows System Evnt Notification\Enum\0: Root\LEGACY_Windows System Evnt Notification\0000
HKLM\System\CurrentControlSet\Services\Windows System Evnt Notification\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00530079007300740065006D00360034002E0064006C006C000000

Detected by UnHackMe:

VNC1.EXE
Default location: %TEMP%\VNC1.EXE

Dropper information:
MD5: 768e39809917b65a82657ddbd6adeb73
File size: 1140224 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images