BSClientName.exe – Worm Autorun

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

BSClientName.exe – Worm Autorun removal

FileVirus Alias
BSClientName.exe Worm Autorun
BSClientName.exe Trojan Agent
BSClientName.exe Trojan CI
BSClientName.exe Trojan Crypt
BSClientName.exe Trojan Generic
BSClientName.exe Trojan Downloader.Generic

Created files:

%SysDir%\BSClientName.dll – Worm Autorun
%SysDir%\BSClientName.exe – Worm Autorun
%WinDir%\TEMP\BClib\dp1.fne – Worm Autorun
%WinDir%\TEMP\BClib\Exmlrpc.fne – Worm Autorun
%WinDir%\TEMP\BClib\krnln.fne – Worm Autorun
%WinDir%\TEMP\BClib\krnln.fnr – Worm Autorun
%WinDir%\TEMP\E_4\dp1.fne – Worm Autorun
%WinDir%\TEMP\E_4\Exmlrpc.fne – Worm Autorun
%WinDir%\TEMP\E_4\krnln.fnr – Worm Autorun

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\BSServerName\Type: 10010000
HKLM\System\CurrentControlSet\Services\BSServerName\Start: 02000000
HKLM\System\CurrentControlSet\Services\BSServerName\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\BSServerName\DisplayName: BSServerName
HKLM\System\CurrentControlSet\Services\BSServerName\ImagePath: %WinDir%\System32\BSClientName.exe
HKLM\System\CurrentControlSet\Services\BSServerName\Parameters\Application: %WinDir%\System32\BSClientName.exe

Detected by UnHackMe:

BSClientName.exe
Default location: %SysDir%\BSClientName.exe
Dropper information:
SHA256: cc5d441ef06a45838cac5002cbeb6ab6d3dcebbe0c212fd750d5dc919a6c394b
SHA1: c4306f2f368c1d2cc217c0c8089439c25d9502d6
MD5: 0a0aa955f23aa6df30ec58ee9692a349
File size: 737133 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images