WINSERV.EXE – Trojan Tibia

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

WINSERV.EXE – Trojan Tibia removal

FileMD5Virus Alias
WINSERV.EXE 8a672b5488cb7170658a39ba38710b3d Trojan Tibia
WINSERV.EXE 8a672b5488cb7170658a39ba38710b3d Trojan Malware.Obscu
WINSERV.EXE 8a672b5488cb7170658a39ba38710b3d Trojan Generic
WINSERV.EXE 8a672b5488cb7170658a39ba38710b3d Trojan Xema
WINSERV.EXE 8a672b5488cb7170658a39ba38710b3d Trojan Agent
WINSERV.EXE 8a672b5488cb7170658a39ba38710b3d Trojan Delf

WINSERV.EXE size: 38400 bytes
WINSERV.EXE hash: 8A672B5488CB7170658A39BA38710B3D

Created files:

%WinDir%\WinServ.exe
%Temp%\4748DB.dmp

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\winserv\Type: 10010000
HKLM\System\CurrentControlSet\Services\winserv\Start: 02000000
HKLM\System\CurrentControlSet\Services\winserv\DisplayName: WinServ
HKLM\System\CurrentControlSet\Services\winserv\ImagePath: %WinDir%\WinServ.exe

Detected by UnHackMe:

WINSERV.EXE
Default location: %WinDir%\WINSERV.EXE

Dropper information:
MD5: 8a672b5488cb7170658a39ba38710b3d
File size: 38400 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images