I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
XHEEPZWWHRO.EXE – Trojan Vilsel removal
| File | MD5 | Virus Alias |
|---|---|---|
| XHEEPZWWHRO.EXE | dff674b61a3a720d30fb0042c3bb9724 | Trojan Vilsel |
| XHEEPZWWHRO.EXE | dff674b61a3a720d30fb0042c3bb9724 | Trojan Generic |
| XHEEPZWWHRO.EXE | dff674b61a3a720d30fb0042c3bb9724 | Trojan Eldorado |
| XHEEPZWWHRO.EXE | dff674b61a3a720d30fb0042c3bb9724 | Trojan PAM |
| XHEEPZWWHRO.EXE | dff674b61a3a720d30fb0042c3bb9724 | Trojan Renos |
| XHEEPZWWHRO.EXE | dff674b61a3a720d30fb0042c3bb9724 | Worm Autorun |
XHEEPZWWHRO.EXE size: 327680 bytes
XHEEPZWWHRO.EXE hash: DFF674B61A3A720D30FB0042C3BB9724
Created files:
%WinDir%\dupzshbrnzxnqwhyt.exe
%WinDir%\kecpldatshibhqeywjfx.exe
%WinDir%\mealfvqherqhlsewsd.exe
%WinDir%\qmmbztsnofidlwmiixvpoj.exe
%SysDir%\dupzshbrnzxnqwhyt.exe
%SysDir%\kecpldatshibhqeywjfx.exe
%SysDir%\mealfvqherqhlsewsd.exe
%SysDir%\qmmbztsnofidlwmiixvpoj.exe
%SysDir%\wmgphvodyjgvxcmc.exe
%SysDir%\xqnzulhzxlldiqdwtfa.exe
%SysDir%\zuthexvppfhbishcbpmfd.exe
%TEMP%\dupzshbrnzxnqwhyt.exe
%TEMP%\kecpldatshibhqeywjfx.exe
%TEMP%\mealfvqherqhlsewsd.exe
%TEMP%\qmmbztsnofidlwmiixvpoj.exe
%TEMP%\wmgphvodyjgvxcmc.exe
%TEMP%\xheepzwwhro.exe
%TEMP%\xqnzulhzxlldiqdwtfa.exe
%TEMP%\zuthexvppfhbishcbpmfd.exe
%WinDir%\wmgphvodyjgvxcmc.exe
%WinDir%\xqnzulhzxlldiqdwtfa.exe
%WinDir%\zuthexvppfhbishcbpmfd.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mughrxip: xqnzulhzxlldiqdwtfa.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\kqazhl: mealfvqherqhlsewsd.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\xeppydn: zuthexvppfhbishcbpmfd.exe .
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe
Detected by UnHackMe:
XHEEPZWWHRO.EXE
Default location: %TEMP%\XHEEPZWWHRO.EXE
Dropper information:
MD5: 2a2eca9c3694545b9c418bd72cd6f36b
File size: 479232 bytes