vssetup.exe – Trojan Generic


vssetup.exe – Trojan Generic removal

File – Virus Alias
vssetup.exe – Trojan Generic
vssetup.exe – Trojan Delf

Created files:

%WinDir%\TEMP\IXP000.TMP\vs.exe – Trojan Generic
%WinDir%\TEMP\RarSFX0\lame_enc.dll – Trojan Generic
%WinDir%\TEMP\RarSFX0\libgain.dll – Trojan Generic
%WinDir%\TEMP\RarSFX0\shr.dll – Trojan Generic
%WinDir%\TEMP\RarSFX0\Skype4COM.dll – Trojan Generic
%WinDir%\TEMP\RarSFX0\vssetup.exe – Trojan Generic
%WinDir%\TEMP\RarSFX0\__tmp_rar_sfx_access_check_1866533 – Trojan Generic

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 "%WinDir%\TEMP\IXP000.TMP\"

Detected by UnHackMe:

vssetup.exe
Default location: %WinDir%\TEMP\RarSFX0\vssetup.exe

Dropper information:
SHA256: 91bc4f1861c4f9e8001a8c58c3b4043d4d5caba976d67de25052a1b22e3359d3
SHA1: 9c47dacac71aa654694c487133700d30bbf8ab71
MD5: 23ef6c69761b25821947466d4cd5b92a
File size: 1345536 bytes
