000000C0.@ is Trojan Redirector.JS.BF

Rootkit 000000C0.@ is software that enables continued privileged access to a computer while actively hiding its presence.
Detection and removal of 000000C0.@ may be a very difficult process.
You should use anti-rootkit software to fix the 000000C0.@ problem.

Malware Analysis of 000000C0.@
Full path on a computer: %Local Appdata%3308c706U0000001.@

Detected by RegRun Warrior:

000000C0.@
Default location: %Local Appdata%3308c706U0000001.@

Removal Results: Success
Number of reboot: 1

000000C0.@ is known as:

Trojan.Redirector.JS.BF, Trojan.Agent.WD.cw1, Trojan.Conedex.HQww1wuVBsI, Win32.Redirector.A, W32.Agent.KBH, Trojan-Downloader.HTML.Agent.yh, Trojan.Redirector, TR.Redirector.BF.1, Troj.Redirect-B, Win32.Tnega.AKJK, Trojan.Conedex.B, Trojan.S.Agent.3072.AB, Win-Trojan.Conedex.3072, Trojan.Redirector.9113, W32.Agent.CHO.tr, JS.Redirector.AF

000000C0.@ hash:

  • MD5: 1cb9d9da501a930f47358712659b7069
How to quickly detect 000000C0.@ presence?

Registry:
  • HKLMSystemCurrentControlSetServicesse59nd5ParametersServiceDll: “%systemroot%system32CTSBLFX.DLL.dll”
Folders:
  • %WinDir%$NtUninstallKB3057$
Files:
  • %Local Appdata%3308c706@
  • %Local Appdata%3308c706U0000001.@
  • %Local Appdata%3308c706U00000c0.@
  • %Local Appdata%3308c706U00000cb.@
  • %Local Appdata%3308c706U00000cf.@
  • %Local Appdata%3308c706U80000000.@
  • %Local Appdata%3308c706U800000c0.@
  • %Local Appdata%3308c706U800000cb.@
  • %Local Appdata%3308c706U800000cf.@
  • %Local Appdata%3308c706X
  • %WinDir%assemblyGAC_MSILDesktop.ini
  • %SysDir%CTSBLFX.DLL.dll
  • %SysDir%dds_log_ad13.cmd

Fix it immediately!

Free Download

UnHackMe removes malware invisible for your antivirus!

Leave a Reply