I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
XHEEPZWWHRO.EXE – Trojan Vilsel removal
| File | MD5 | Virus Alias |
|---|---|---|
| XHEEPZWWHRO.EXE | 95a272dd619f32d4a8980129dec26026 | Trojan Vilsel |
| XHEEPZWWHRO.EXE | 95a272dd619f32d4a8980129dec26026 | Trojan Generic |
| XHEEPZWWHRO.EXE | 95a272dd619f32d4a8980129dec26026 | Trojan Eldorado |
| XHEEPZWWHRO.EXE | 95a272dd619f32d4a8980129dec26026 | Trojan PAM |
| XHEEPZWWHRO.EXE | 95a272dd619f32d4a8980129dec26026 | Trojan Renos |
| XHEEPZWWHRO.EXE | 95a272dd619f32d4a8980129dec26026 | Worm Autorun |
XHEEPZWWHRO.EXE size: 327680 bytes
XHEEPZWWHRO.EXE hash: 95A272DD619F32D4A8980129DEC26026
Created files:
%WinDir%\dupzshbrnzxnqwhyt.exe
%WinDir%\kecpldatshibhqeywjfx.exe
%WinDir%\mealfvqherqhlsewsd.exe
%WinDir%\qmmbztsnofidlwmiixvpoj.exe
%SysDir%\dupzshbrnzxnqwhyt.exe
%SysDir%\kecpldatshibhqeywjfx.exe
%SysDir%\mealfvqherqhlsewsd.exe
%SysDir%\qmmbztsnofidlwmiixvpoj.exe
%SysDir%\wmgphvodyjgvxcmc.exe
%SysDir%\xqnzulhzxlldiqdwtfa.exe
%SysDir%\zuthexvppfhbishcbpmfd.exe
%TEMP%\dupzshbrnzxnqwhyt.exe
%TEMP%\kecpldatshibhqeywjfx.exe
%TEMP%\mealfvqherqhlsewsd.exe
%TEMP%\qmmbztsnofidlwmiixvpoj.exe
%TEMP%\wmgphvodyjgvxcmc.exe
%TEMP%\xheepzwwhro.exe
%TEMP%\xqnzulhzxlldiqdwtfa.exe
%TEMP%\zuthexvppfhbishcbpmfd.exe
%WinDir%\wmgphvodyjgvxcmc.exe
%WinDir%\xqnzulhzxlldiqdwtfa.exe
%WinDir%\zuthexvppfhbishcbpmfd.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mughrxip: wmgphvodyjgvxcmc.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\kqazhl: wmgphvodyjgvxcmc.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\xeppydn: mealfvqherqhlsewsd.exe .
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe
Detected by UnHackMe:
XHEEPZWWHRO.EXE
Default location: %TEMP%\XHEEPZWWHRO.EXE
Dropper information:
MD5: 00de163fab75b7f628c1e9ebb29971b7
File size: 655360 bytes