Virus Expiro – 395ecd9c3b0e9b3ec285bdbfd25d4b5b

Virus Expiro
Also known as:Trojan Crypt
SHA256: 05b620d1fa1c37c022dbbf823cfeced919e105cf6d2326a6655ba13478d43bd3
SHA1: 494338a7218972d1cd07b15dc35706a2b46d268a
MD5: 395ecd9c3b0e9b3ec285bdbfd25d4b5b
File size: 184320 bytes

Created files:

%Program Files%\Internet Explorer\iexplore.exe – Virus Expiro
%Program Files%\Mozilla Firefox\firefox.exe – Virus Expiro
%Program Files%\MSN Gaming Zone\Windows\bckgzm.exe – Virus Expiro
%Program Files%\MSN Gaming Zone\Windows\chkrzm.exe – Virus Expiro
%Program Files%\MSN Gaming Zone\Windows\hrtzzm.exe – Virus Expiro
%Program Files%\MSN Gaming Zone\Windows\Rvsezm.exe – Virus Expiro
%Program Files%\MSN Gaming Zone\Windows\shvlzm.exe – Virus Expiro
%Program Files%\Opera\opera.exe – Virus Expiro
%Program Files%\Oracle\VirtualBox Guest Additions\uninst.exe – Virus Expiro
C:\windows\system32\control.exe – Virus Expiro
C:\windows\system32\rundll32.exe – Virus Expiro
%Common AppData%\Apple Computer\Installer Cache\Safari 5.34.52.7\SetupAdmin.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\17.0.963.56\chrome_frame_helper.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\17.0.963.56\chrome_launcher.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\17.0.963.56\Installer\setup.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\17.0.963.56\nacl64.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\17.0.963.79\chrome_frame_helper.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\17.0.963.79\chrome_launcher.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\17.0.963.79\Installer\setup.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\17.0.963.79\nacl64.exe – Virus Expiro
%Local AppData%\Google\Chrome\Application\chrome.exe – Virus Expiro

Virus Expiro created autostart registry keys:

HKLM\System\CurrentControlSet\Services\msiserver\Type: 20010000
HKLM\System\CurrentControlSet\Services\msiserver\Start: 02000000