Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

TROJAN.CRPYT.ZK

 

 

 

Name:

Trojan.crypt.zk

Added:

September 5, 2011

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When Trojan.crypt.zk is executed, it performs the following activities:

After execution, it drops the following files:

%AppData%\Iuqeqm.exe
%AppData%\Microsoft\Protect\Credentials\wmpnetvk.exe
%AppData%\Microsoft\Protect\Credentials\taskhostt.exe
%AppData%\Microsoft\Protect\Credentials\wmpnetvk.gzp

It creates/modifies the following registry entries:

Microsoft® Windows® Operating System = "%AppData%\Microsoft\Protect\Credentials\taskhostt.exe"
HKU\Software\Microsoft\Windows\CurrentVersion\Run

Microsoft® Windows® Operating System = "%AppData%\Microsoft\Protect\Credentials\taskhostt.exe"
HKU\Software\Microsoft\Windows\CurrentVersion\Run

Iuqeqm = "%AppData%\Iuqeqm.exe"
HKU\Software\Microsoft\Windows\CurrentVersion\Run

This infection has Rootkit functionality keeping "%AppData%\Iuqeqm.exe" hidden and hooks some various user mode functions.


 

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Malware problems?
We can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4