I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
REGSVR.EXE – Virus Sality removal
| File | MD5 | Virus Alias |
|---|---|---|
| REGSVR.EXE | ceaf4d9e1f408299144e75d7f29c1810 | Virus Sality |
| REGSVR.EXE | ceaf4d9e1f408299144e75d7f29c1810 | Trojan SuspiciousFile |
| REGSVR.EXE | ceaf4d9e1f408299144e75d7f29c1810 | Worm Autoit |
| REGSVR.EXE | ceaf4d9e1f408299144e75d7f29c1810 | Worm Autorun |
| REGSVR.EXE | ceaf4d9e1f408299144e75d7f29c1810 | Trojan Siggen |
| REGSVR.EXE | ceaf4d9e1f408299144e75d7f29c1810 | Trojan Crypt |
REGSVR.EXE size: 997537 bytes
REGSVR.EXE hash: CEAF4D9E1F408299144E75D7F29C1810
Created files:
C:\1716b9
%WinDir%\regsvr.exe
%SysDir%\28463\svchost.001
%SysDir%\28463\svchost.exe
%SysDir%\regsvr.exe
%SysDir%\svchost .exe
D:\171ac1
D:\cert\VBoxCertUtil.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\svchost Agent: %WinDir%\System32\28463\svchost.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe regsvr.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Msn Messsenger: %WinDir%\System32\regsvr.exe
Detected by UnHackMe:
REGSVR.EXE
Default location: %WinDir%\REGSVR.EXE
Dropper information:
MD5: ca33e1826f8d03ed2c11fba563ca3bbb
File size: 4207 bytes