The program C00285.EXE is used for hidden penetration into PC and its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with C00285.EXE.
Download for free: http://www.unhackme.com
Malware Analysis of C00285.EXE
Full path on a computer: %SysDir%\372109\C00285.EXE
Detected by UnHackMe:
Item Name: C00285.lnk
Author:
Current Setting: %SYSDIR%\372109\C00285.EXE
Type: Startup Folder
Item Name: C00285.EXE
Author: Unknown
Related File: %SYSDIR%\372109\C00285.EXE
Type: Running Processes
Removal Results: Success
Number of reboot: 1
C00285.EXE is known as:
Backdoor.FlyAgent.F, W32.Autorun.worm.ev, Trojan.Agent.Gen-Fly[Large], Trojan.Dropper.Flystud.ko, Trojan ( 001714231 ), Backdoor.FlyAgent.6VUzWW4ijO4, FlyAgent.CX, Win32:EvilEPL [Cryp], Worm.FlyStudio-15, Trojan-Downloader.FlyStudio.kx, Trojan.Flystud.besfc, Mal.EncPk-NB, TrojWare.Agent.btho, HLLW.Autoruner.26035, Trojan.Autorun.dm (v), WORM_AUTORUN.SMW, TrojanDropper.Flystud.bmp, Trojan[Downloader].FlyStudio, Troj.FakeFolderT.yo.1406378, Worm.S.Flystudio.1406067, TrojanDownloader.FlyStudio, Trojan.FlyStudio.avj, PE:Malware.FakeFolder@CV.1.6AA9, Worm.FlyStudio, W32.FlySky.W, Win32.Trojan.d71
C00285.EXE hash:
- MD5: 4f46006cebc8043aaf4735d1a95ecc67
Folders:- %Temp%\E_N4
- %SysDir%\2B4FA4
- %SysDir%\372109
- %SysDir%\499E86
- %SysDir%\A9C3FF
Files:- %Temp%\86A4.dmp
- %Temp%\87ab_appcompat.txt
- %Temp%\E_N4\cnvpe.fne
- %Temp%\E_N4\dp1.fne
- %Temp%\E_N4\eAPI.fne
- %Temp%\E_N4\HtmlView.fne
- %Temp%\E_N4\internet.fne
- %Temp%\E_N4\krnln.fnr
- %Temp%\E_N4\shell.fne
- %Temp%\E_N4\spec.fne
- %Startup%\C00285.lnk
- %SysDir%\372109\C00285.EXE
- %SysDir%\499E86\cnvpe.fne
- %SysDir%\499E86\dp1.fne
- %SysDir%\499E86\eAPI.fne
- %SysDir%\499E86\HtmlView.fne
- %SysDir%\499E86\internet.fne
- %SysDir%\499E86\krnln.fnr
- %SysDir%\499E86\RegEx.fnr
- %SysDir%\499E86\shell.fne
- %SysDir%\499E86\spec.fne