START1.EXE is Worm Vobfus

March 2, 2012 by NightWatcher
Filed under: Worm 
: Solved!

You should Download Removal Tool here...

The file START1.EXE is a computer worm.
The worm START1.EXE is a self-replicating malicious program,
which uses a computer network to send copies of itself to other computers.
You must fix the START1.EXE problem as soon as possible!
Delete the file START1.EXE from all infected computers in your network.
Set up your network firewall against START1.EXE intervention.

Malware Analysis of START1.EXE
Full path on a computer: %Profile%\start1.exe

Detected by RegRun Warrior:

START1.EXE
Default location: %Profile%\start1.exe

Removal Results: Success
Number of reboot: 1

START1.EXE is known as:

Worm.Vobfus, Trojan.Menti

START1.EXE hash:

  • MD5: 5937a72c80a04625be382ccb2fa2b873
The file tries to download information from some web sites.
How to quickly detect START1.EXE presence?

Folders:
  • %WinDir%\$NtUninstallKB62478$
Files:
  • %Appdata%\ntuser.dat
  • %Appdata%\xbapveyrjys3okg3wzjmcosr2uyspqvq2\svcnost.exe
  • %Profile%\start1.exe
  • %SysDir%\dds_trash_log.cmd
  • %SysDir%\s116nd5.dll


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.