Solved! Use WINDOWS.EXE (Worm Autorun) Removal Guide

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

WINDOWS.EXE – Worm Autorun removal

FileMD5Virus Alias
WINDOWS.EXE ff82c0d327e3fe085b5d6475a5250121 Worm Autorun
WINDOWS.EXE ff82c0d327e3fe085b5d6475a5250121 Virus Renamer
WINDOWS.EXE ff82c0d327e3fe085b5d6475a5250121 Trojan Rimecud
WINDOWS.EXE ff82c0d327e3fe085b5d6475a5250121 Trojan Agent
WINDOWS.EXE ff82c0d327e3fe085b5d6475a5250121 Virus Sality
WINDOWS.EXE ff82c0d327e3fe085b5d6475a5250121 Trojan Invader

WINDOWS.EXE size: 418275 bytes
WINDOWS.EXE hash: FF82C0D327E3FE085B5D6475A5250121

Created files:

%WinDir%\explorer.exe.local
%WinDir%\system\csrss.exe
%WinDir%\system\windows.exe
%WinDir%\Wplugin.dll
%WinDir%\ws2help.dll
%AppData%\Wplugin.dll
%Temp%\{5EF8B83E-D184-4DC7-8265-03A53446814A}-GoogleUpdateSetup.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VirusShare_ff82c0d327e3fe085b5d6475a5250121.EXE: VirusShare_ff82c0d327e3fe085b5d6475a5250121.EXE

Detected by UnHackMe:

WINDOWS.EXE
Default location: %WinDir%\SYSTEM\WINDOWS.EXE

Dropper information:
MD5: ff82c0d327e3fe085b5d6475a5250121
File size: 418275 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images