WINSEARCHCPINST.EXE – Trojan Kazy

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

WINSEARCHCPINST.EXE – Trojan Kazy removal

File MD5 Virus Alias
WINSEARCHCPINST.EXE 30f84a26e1834cd06be2aab4d1e71adc Trojan Kazy
WINSEARCHCPINST.EXE 30f84a26e1834cd06be2aab4d1e71adc Trojan SuspiciousFile
WINSEARCHCPINST.EXE 30f84a26e1834cd06be2aab4d1e71adc Trojan Artemis
WINSEARCHCPINST.EXE 30f84a26e1834cd06be2aab4d1e71adc Trojan Generic
WINSEARCHCPINST.EXE 30f84a26e1834cd06be2aab4d1e71adc Trojan Downloader
WINSEARCHCPINST.EXE 30f84a26e1834cd06be2aab4d1e71adc Trojan Agent

WINSEARCHCPINST.EXE size: 861608 bytes
WINSEARCHCPINST.EXE hash: 30F84A26E1834CD06BE2AAB4D1E71ADC

Created files:

%Program Files%\Winsearchcp\installwin.exe
%Program Files%\Winsearchcp\Uninstall.exe
%Program Files%\Winsearchcp\winsearchcp.dll
%Program Files%\Winsearchcp\winsearchcpdl.exe
%SysDir%\INETKO.DLL
%SysDir%\winsearchcpinst.exe

Autostart registry keys:

HKLM\Software\Classes\CLSID\{0E205AC2-FB09-4C7D-91F4-054CB3B93AE7}\InprocServer32 : %Program Files%\Winsearchcp\winsearchcp.dll
HKLM\Software\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX

Detected by UnHackMe:

WINSEARCHCPINST.EXE
Default location: %SYSDIR%\WINSEARCHCPINST.EXE

Dropper information:
MD5: 5bfe9651bdc3b2e0201049402dea9bb2
File size: 901120 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images