Solved! Use WINLOGON32.EXE (Trojan Krap) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

WINLOGON32.EXE – Trojan Krap removal

FileMD5Virus Alias
WINLOGON32.EXE 19df280a2d1781ab2923ed25a051863e Trojan Krap
WINLOGON32.EXE 19df280a2d1781ab2923ed25a051863e Trojan XPACK
WINLOGON32.EXE 19df280a2d1781ab2923ed25a051863e Trojan Generic
WINLOGON32.EXE 19df280a2d1781ab2923ed25a051863e Trojan Eldorado
WINLOGON32.EXE 19df280a2d1781ab2923ed25a051863e Trojan Downloader
WINLOGON32.EXE 19df280a2d1781ab2923ed25a051863e Trojan Agent

WINLOGON32.EXE size: 240128 bytes
WINLOGON32.EXE hash: 19DF280A2D1781AB2923ED25A051863E

Created files:

C:\s
%SysDir%\smss32.exe
%SysDir%\winlogon32.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\smss32.exe: %WinDir%\System32\smss32.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\winlogon32.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\smss32.exe: %WinDir%\System32\smss32.exe

Detected by UnHackMe:

WINLOGON32.EXE
Default location: %SYSDIR%\WINLOGON32.EXE

Dropper information:
MD5: 19df280a2d1781ab2923ed25a051863e
File size: 240128 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images