I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
XEPPYDN.EXE – Trojan Vilsel removal
| File | MD5 | Virus Alias |
|---|---|---|
| XEPPYDN.EXE | daf3154fb8d95b1452b49923ed14249e | Trojan Vilsel |
| XEPPYDN.EXE | daf3154fb8d95b1452b49923ed14249e | Trojan Eldorado |
| XEPPYDN.EXE | daf3154fb8d95b1452b49923ed14249e | Trojan PAM |
| XEPPYDN.EXE | daf3154fb8d95b1452b49923ed14249e | Trojan Renos |
| XEPPYDN.EXE | daf3154fb8d95b1452b49923ed14249e | Worm Autorun |
| XEPPYDN.EXE | daf3154fb8d95b1452b49923ed14249e | Trojan Agent |
XEPPYDN.EXE size: 327680 bytes
XEPPYDN.EXE hash: DAF3154FB8D95B1452B49923ED14249E
Created files:
%WinDir%\dupzshbrnzxnqwhyt.exe
%WinDir%\kecpldatshibhqeywjfx.exe
%WinDir%\mealfvqherqhlsewsd.exe
%WinDir%\qmmbztsnofidlwmiixvpoj.exe
%SysDir%\dupzshbrnzxnqwhyt.exe
%SysDir%\kecpldatshibhqeywjfx.exe
%SysDir%\mealfvqherqhlsewsd.exe
%SysDir%\qmmbztsnofidlwmiixvpoj.exe
%SysDir%\wmgphvodyjgvxcmc.exe
%SysDir%\xqnzulhzxlldiqdwtfa.exe
%SysDir%\zuthexvppfhbishcbpmfd.exe
%TEMP%\dupzshbrnzxnqwhyt.exe
%TEMP%\kecpldatshibhqeywjfx.exe
%TEMP%\mealfvqherqhlsewsd.exe
%TEMP%\qmmbztsnofidlwmiixvpoj.exe
%TEMP%\wmgphvodyjgvxcmc.exe
%TEMP%\xeppydn.exe
%TEMP%\xheepzwwhro.exe
%TEMP%\xqnzulhzxlldiqdwtfa.exe
%TEMP%\zuthexvppfhbishcbpmfd.exe
%WinDir%\wmgphvodyjgvxcmc.exe
%WinDir%\xqnzulhzxlldiqdwtfa.exe
%WinDir%\zuthexvppfhbishcbpmfd.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mughrxip: xqnzulhzxlldiqdwtfa.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\zenls: %TEMP%\kecpldatshibhqeywjfx.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\kqazhl: mealfvqherqhlsewsd.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\oaqvjtitkrkv: %TEMP%\kecpldatshibhqeywjfx.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\xeppydn: dupzshbrnzxnqwhyt.exe .
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\rcrvirfpfld: %TEMP%\mealfvqherqhlsewsd.exe .
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\dmzbmtfnb: kecpldatshibhqeywjfx.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\kqazhl: %TEMP%\kecpldatshibhqeywjfx.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\wguxjrench: xqnzulhzxlldiqdwtfa.exe .
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\xeppydn: %TEMP%\wmgphvodyjgvxcmc.exe .
Detected by UnHackMe:
XEPPYDN.EXE
Default location: %TEMP%\XEPPYDN.EXE
Dropper information:
MD5: 155873de955bccdb45d5b6ca13fbd1e6
File size: 1040384 bytes