I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
WIN.EXE – Virus Sality removal
File | MD5 | Virus Alias |
---|---|---|
WIN.EXE | 02c6e3e52c010b7f18ab0c7a90107d1e | Virus Sality |
WIN.EXE | 02c6e3e52c010b7f18ab0c7a90107d1e | Trojan Hllw |
WIN.EXE | 02c6e3e52c010b7f18ab0c7a90107d1e | Worm Brontok |
WIN.EXE | 02c6e3e52c010b7f18ab0c7a90107d1e | Worm Autorun |
WIN.EXE size: 77824 bytes
WIN.EXE hash: 02C6E3E52C010B7F18AB0C7A90107D1E
Created files:
%WinDir%\dc.exe
%WinDir%\Help\Other.exe
%WinDir%\inf\Other.exe
%WinDir%\SVIQ.EXE
%WinDir%\system\Fun.exe
%SysDir%\config\Win.exe
%SysDir%\olemdb32.dll
%SysDir%\olemdb32.dl_
%SysDir%\WinSit.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: Explorer.exe %WinDir%\System32\WinSit.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\dc2k5: %WinDir%\SVIQ.EXE
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: %WinDir%\inf\Other.exe
Detected by UnHackMe:
WIN.EXE
Default location: %SYSDIR%\CONFIG\WIN.EXE
Dropper information:
MD5: 02c6e3e52c010b7f18ab0c7a90107d1e
File size: 77824 bytes