Exploit:Win32/ShellCode.U
Posted: March 6, 2013
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 1,646 |
| First Seen: | March 6, 2013 |
|---|---|
| Last Seen: | July 16, 2023 |
| OS(es) Affected: | Windows |
Aliases
Generic31.CKFU [AVG]Troj/Zbot-DXR [Sophos]Trj/Dtcontx.C [Panda]Generic32.BCH [AVG]Riskware/HDDRescue [Fortinet]Win32:Adware-gen [GData]Adware/Rogue.303616.1 [AntiVir]Mal/FakeAV-OZ [Sophos]Win32:Adware-gen [Adw] [Avast]Fake-SysDef-FIH!0065F37ACA51 [McAfee]SHeur3.AFNK [AVG]W32/Mdrop.DXZ!tr [Fortinet]Trojan-Downloader.Win32.Troxen [Ikarus]TR/Drop.Svchost.A [AntiVir]Trojan.MulDrop3.48428 [DrWeb]
More aliases (321)
More aliases (321)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%WINDIR%\System32\Deploy.exe
File name: Deploy.exeSize: 2.23 MB (2236211 bytes)
MD5: 519736fa9bae7a0ad5c08d21eaf3c62f
Detection count: 286
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\System32\Deploy.exe
Group: Malware file
Last Updated: July 16, 2023
%SystemDrive%\Documents and Settings\Administrateur\Application Data\firewall.exe
File name: firewall.exeSize: 201.21 KB (201216 bytes)
MD5: 27c818dd620d8e4ed23953b6befa1a4a
Detection count: 76
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Documents and Settings\Administrateur\Application Data
Group: Malware file
Last Updated: March 6, 2013
%WINDIR%\VisualServerz.exe
File name: VisualServerz.exeSize: 61.44 KB (61440 bytes)
MD5: 981c0b7307e0e7db8acbdd9fa2044454
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%
Group: Malware file
Last Updated: May 21, 2020
C:\Users\<username>\Documents\Old PC with 32 bit OS\Downloads\QvodSetup_tom365.exe
File name: QvodSetup_tom365.exeSize: 2.77 MB (2775145 bytes)
MD5: 6b2c44908b3c666e8f4f22adccb8e5db
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\Documents\Old PC with 32 bit OS\Downloads\QvodSetup_tom365.exe
Group: Malware file
Last Updated: April 27, 2022
C:\Users\<username>\AppData\Local\Temp\acnzlajyi\checker.exe
File name: checker.exeSize: 1.41 MB (1412424 bytes)
MD5: ed478b60a86ed14dee2ad53abd42b909
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\AppData\Local\Temp\acnzlajyi\checker.exe
Group: Malware file
Last Updated: June 15, 2021
%WINDIR%\csrss.exe
File name: csrss.exeSize: 654.63 KB (654635 bytes)
MD5: 8070aba7f6b29ec32947737ed0ec23a5
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%
Group: Malware file
Last Updated: May 16, 2020
%PROGRAMFILES%\AdMatching\AdMatching.exe
File name: AdMatching.exeSize: 144.52 KB (144528 bytes)
MD5: df2bdead526ed266d93226260f6fee3a
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\AdMatching
Group: Malware file
Last Updated: March 12, 2013
%APPDATA%\Mining\coin-miner.exe
File name: coin-miner.exeSize: 54.27 KB (54272 bytes)
MD5: 4707f0984e84e1c3411dab433b5eebcb
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Mining
Group: Malware file
Last Updated: March 12, 2013
%TEMP%\131.tmp
File name: 131.tmpSize: 402.94 KB (402944 bytes)
MD5: 79012f79b2bfc292c8f2220632d79704
Detection count: 6
File type: Temporary File
Mime Type: unknown/tmp
Path: %TEMP%
Group: Malware file
Last Updated: March 12, 2013
%WINDIR%\SYSTEM32\DWRCS.EXE
File name: DWRCS.EXESize: 162.3 KB (162304 bytes)
MD5: 16b35a6a9eb6b39927d0cc4ca2a00cb3
Detection count: 5
File type: Executable File
Mime Type: unknown/EXE
Path: %WINDIR%\SYSTEM32
Group: Malware file
Last Updated: March 12, 2013
%APPDATA%\ftw.exe
File name: ftw.exeSize: 20.8 MB (20808948 bytes)
MD5: 1922331f588b96711c5d55af959780b9
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: March 12, 2013
%APPDATA%\9311e9b9-4af7-4957-8e6e-beedfb4e9fe7ad\ebafeebeedfbefead.exe
File name: ebafeebeedfbefead.exeSize: 143.36 KB (143360 bytes)
MD5: b563cc1f06c29cdf23f88c6c24114dbc
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\9311e9b9-4af7-4957-8e6e-beedfb4e9fe7ad
Group: Malware file
Last Updated: March 12, 2013
%LOCALAPPDATA%\gkrhkrtv\oqjturdm.exe
File name: oqjturdm.exeSize: 93.89 KB (93896 bytes)
MD5: b9f431842502df85110f2f27730a9b89
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\gkrhkrtv
Group: Malware file
Last Updated: March 12, 2013
%LOCALAPPDATA%\Lollipop\lolipop.exe
File name: lolipop.exeSize: 1.45 MB (1453568 bytes)
MD5: 2adcbcfe013122de3ca912249aa524f0
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\Lollipop
Group: Malware file
Last Updated: March 12, 2013
%USERPROFILE%\mobottobasmo.exe
File name: mobottobasmo.exeSize: 116.73 KB (116736 bytes)
MD5: f6999458106a68196c56c2a8af20e16e
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: March 12, 2013
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.