REGSVR.EXE – Worm Autoit

I will tell you in this post how to fix the issue manually and how to clean it automatically using a special powerful removal tool. You can download the removal program for free here:

Manual removal instructions:

REGSVR.EXE – Worm Autoit removal

File MD5 Virus Alias
REGSVR.EXE 8750a32a5a93ea0fcc4bea5a31f10721 Worm Autoit
REGSVR.EXE 8750a32a5a93ea0fcc4bea5a31f10721 Trojan SuspiciousFile
REGSVR.EXE 8750a32a5a93ea0fcc4bea5a31f10721 Trojan Hllw
REGSVR.EXE 8750a32a5a93ea0fcc4bea5a31f10721 Trojan Downloader
REGSVR.EXE 8750a32a5a93ea0fcc4bea5a31f10721 Worm Sohanat
REGSVR.EXE 8750a32a5a93ea0fcc4bea5a31f10721 Worm Vobfus

REGSVR.EXE size: 1984512 bytes
REGSVR.EXE hash: 8750A32A5A93EA0FCC4BEA5A31F10721

Created files:

%WinDir%\regsvr.exe
%SysDir%\regsvr.exe
%SysDir%\svchost .exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe regsvr.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Msn Messsenger: %WinDir%\System32\regsvr.exe

Detected by UnHackMe:

REGSVR.EXE
Default location: %WinDir%\REGSVR.EXE

Dropper information:
MD5: 8750a32a5a93ea0fcc4bea5a31f10721
File size: 1984512 bytes