I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
WINLOGON.EXE – Trojan Small removal
| File | MD5 | Virus Alias |
|---|---|---|
| WINLOGON.EXE | 03d370bf9d860645cbbe67d515150f57 | Trojan Small |
| WINLOGON.EXE | 03d370bf9d860645cbbe67d515150f57 | Trojan Artemis |
| WINLOGON.EXE | 03d370bf9d860645cbbe67d515150f57 | Trojan Generic |
| WINLOGON.EXE | 03d370bf9d860645cbbe67d515150f57 | Trojan Eldorado |
| WINLOGON.EXE | 03d370bf9d860645cbbe67d515150f57 | Trojan Downloader |
| WINLOGON.EXE | 03d370bf9d860645cbbe67d515150f57 | Trojan Agent |
WINLOGON.EXE size: 472064 bytes
WINLOGON.EXE hash: 03D370BF9D860645CBBE67D515150F57
Created files:
%WinDir%\System\rsvp.exe
%UserProfile%\Local Settings\Application Data\Microsoft\cisvc.exe
%UserProfile%\Local Settings\Application Data\Microsoft\clipsrv.exe
%UserProfile%\Local Settings\Application Data\smss.exe
%TEMP%\Twain002.Mtx
%WinDir%\winlogon.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\cisvc: %Local AppData%\Microsoft\cisvc.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Session Manager: %WinDir%\System32\config\SYSTEM~1\LOCALS~1\APPLIC~1\smss.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ClipSrv: %Local AppData%\Microsoft\clipsrv.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\WinLogon: %WinDir%\winlogon.exe
Detected by UnHackMe:
WINLOGON.EXE
Default location: %WinDir%\WINLOGON.EXE
Dropper information:
MD5: 03d370bf9d860645cbbe67d515150f57
File size: 472064 bytes