HackTool.Win32.Crypt.nq
HackTool.Win32.Crypt.nq is a malignant computer infection which is cleverly concealed to behave like legitimate spyware removal tool. HackTool.Win32.Crypt.nq is able to occupy all user keystrokes, such as personal information, like login number, password, credit card details, etc. HackTool.Win32.Crypt.nq may cause unauthorized access to personal data and hard drive information with a serious possibility of irretrievable data loss and unstable computer performance. Remove HackTool.Win32.Crypt.nq before it damages your computer system.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\internet explorer\iexplore.exe 2 %ProgramFiles%\internet explorer\random.exe 3 %System%\svchost.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Coffin Of EvilHKEY_CURRENT_USER\Software\SpyNetHKEY_LOCAL_MACHINE\SOFTWARE\Coffin Of EvilHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3G4L2686-J4L1-X5MV-12RE-JFH5V38F5030}[HKEY_CURRENT_USER\Software\Coffin Of Evil] FirstExecution = "10/05/2011 -- 17:38" FileName = "Dlzcs1JtFiFdifAOxfQDRfRiNilV2Goc10ZLLwr31wLX"[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] memo = "%System%\memo\memo.exe"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3G4L2686-J4L1-X5MV-12RE-JFH5V38F5030}] StubPath = "%System%\memo\memo.exe Restart"HKEY..\..\..\..{RegistryKeys}HKCU = "tBWJGA"HKLM = "tBWJMoJ"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] memeo = "%System%\memo\memo.exe"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.