Trojan Dropper.generic2.mnz
Trojan Dropper.generic2.mnz is a computer Trojan that may load malicious files to collect data from an infected PC. A remote hacker may utilize Trojan Dropper.generic2.mnz to collect data from a vulnerable system which could easily lead to identity theft. Trojan Dropper.generic2.mnz is known to be data collection malware. To prevent data from being stolen or compromised it is highly suggestive that Trojan Dropper.generic2.mnz be detected and removed with a spyware removal program.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:SystemPropertiesAdvancedViewer.exe
File name: SystemPropertiesAdvancedViewer.exeFile type: Executable File
Mime Type: unknown/exe
B6232F3A42A.exe
File name: B6232F3A42A.exeFile type: Executable File
Mime Type: unknown/exe
COHServer.exe
File name: COHServer.exeFile type: Executable File
Mime Type: unknown/exe
csrss.exe
File name: csrss.exeFile type: Executable File
Mime Type: unknown/exe
nvvsvc.exe
File name: nvvsvc.exeFile type: Executable File
Mime Type: unknown/exe
Music System.exe
File name: Music System.exeFile type: Executable File
Mime Type: unknown/exe
igfxtray.exe
File name: igfxtray.exeFile type: Executable File
Mime Type: unknown/exe
aruqt.exe
File name: aruqt.exeFile type: Executable File
Mime Type: unknown/exe
1930.exe
File name: 1930.exeFile type: Executable File
Mime Type: unknown/exe
svchos.exe
File name: svchos.exeFile type: Executable File
Mime Type: unknown/exe
tplsub700jk.exe
File name: tplsub700jk.exeFile type: Executable File
Mime Type: unknown/exe
Security Solution.exe
File name: Security Solution.exeFile type: Executable File
Mime Type: unknown/exe
mscj2.exe
File name: mscj2.exeFile type: Executable File
Mime Type: unknown/exe
winsvc.exe
File name: winsvc.exeFile type: Executable File
Mime Type: unknown/exe
bswuwntossplhd.exe
File name: bswuwntossplhd.exeFile type: Executable File
Mime Type: unknown/exe
ntdel.exe
File name: ntdel.exeFile type: Executable File
Mime Type: unknown/exe
KillEXE.exe
File name: KillEXE.exeFile type: Executable File
Mime Type: unknown/exe
hkicmd.exe
File name: hkicmd.exeFile type: Executable File
Mime Type: unknown/exe
acleaner.exe
File name: acleaner.exeFile type: Executable File
Mime Type: unknown/exe
rqcovth.exe
File name: rqcovth.exeFile type: Executable File
Mime Type: unknown/exe
lde1.exe
File name: lde1.exeFile type: Executable File
Mime Type: unknown/exe
realupgrade.exe
File name: realupgrade.exeFile type: Executable File
Mime Type: unknown/exe
winhelp.exe
File name: winhelp.exeFile type: Executable File
Mime Type: unknown/exe
facebook-pic0009696904901.exe
File name: facebook-pic0009696904901.exeFile type: Executable File
Mime Type: unknown/exe
KB11657984.exe
File name: KB11657984.exeFile type: Executable File
Mime Type: unknown/exe
arking.exe
File name: arking.exeFile type: Executable File
Mime Type: unknown/exe
uetcilehmof.exe
File name: uetcilehmof.exeFile type: Executable File
Mime Type: unknown/exe
SynNglp.exe
File name: SynNglp.exeFile type: Executable File
Mime Type: unknown/exe
wnzip32.exe
File name: wnzip32.exeFile type: Executable File
Mime Type: unknown/exe
thunder.exe
File name: thunder.exeFile type: Executable File
Mime Type: unknown/exe
TCodecLite.exe
File name: TCodecLite.exeFile type: Executable File
Mime Type: unknown/exe
sXeInjectedSetup.8.9.exe
File name: sXeInjectedSetup.8.9.exeFile type: Executable File
Mime Type: unknown/exe
nvsvc32.exe
File name: nvsvc32.exeFile type: Executable File
Mime Type: unknown/exe
GoogleDownload.exe
File name: GoogleDownload.exeFile type: Executable File
Mime Type: unknown/exe
gabpath.exe
File name: gabpath.exeFile type: Executable File
Mime Type: unknown/exe
CurseClient.exe
File name: CurseClient.exeFile type: Executable File
Mime Type: unknown/exe
CronikalNewLouncher.exe
File name: CronikalNewLouncher.exeFile type: Executable File
Mime Type: unknown/exe
flash_player_installer.exe
File name: flash_player_installer.exeFile type: Executable File
Mime Type: unknown/exe
geurge.exe
File name: geurge.exeFile type: Executable File
Mime Type: unknown/exe
tskhelp32.exe
File name: tskhelp32.exeFile type: Executable File
Mime Type: unknown/exe
qaovyciydw.exe
File name: qaovyciydw.exeFile type: Executable File
Mime Type: unknown/exe
NTsrv.exe
File name: NTsrv.exeFile type: Executable File
Mime Type: unknown/exe
malware.exe
File name: malware.exeFile type: Executable File
Mime Type: unknown/exe
2025.exe
File name: 2025.exeFile type: Executable File
Mime Type: unknown/exe
iexplore.exe
File name: iexplore.exeFile type: Executable File
Mime Type: unknown/exe
Registry Modifications
The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ntuser RUNNING PROGRAM\MagicISO.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ restorer32_aHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\molochaHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ anhaoHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ DelayLoadHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT\ userinitHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ hgcheckHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS\ AppInit_DLLsHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Windows UpdateHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Microsoft Windows InstallerHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ autoload
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ntuser RUNNING PROGRAM\MagicISO.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ restorer32_aHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\molochaHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ anhaoHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ DelayLoadHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT\ userinitHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ hgcheckHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS\ AppInit_DLLsHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Windows UpdateHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Microsoft Windows InstallerHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ autoload
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.