Generic Dropper.vq
Generic Dropper.vq is a dangerous trojan infection that will start downloading files to the infected computer system without a targeted user's consent which will result in security risk. Generic Dropper.vq may be installed for malignant purposes by a hacker that enable obtain access to your computer system from remote locations, stealing passwords, Internet banking and personal information. Generic Dropper.vq usually prevents users from accessing legitimate websites and redirect them to porn and malicious websites. When Generic Dropper.vq installs on your PC, it infects your system files and changes the system settings. It is highly recommended removing Generic Dropper.vq immediately from your machine and make sure your computer is clean.
File System Details
Generic Dropper.vq may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %System%\tcpwakglib.exe | |
| 2. | %System%\E001.exe | |
| 3. | %System%\drivers\tcpz-x86d.sys | |
| 4. | %Windir%\svchost.exe | |
| 5. | %AllUsersProfile%\123.bat | |
| 6. | %System%\D001.exe | |
| 7. | %Windir%\Temp\30453.dll | |
| 8. | %CommonAppData%\lanmao.exe | |
| 9. | %System%\JATE.exe | |
| 10. | %Windir%\Temp\126375.dll | |
| 11. | %AllUsersProfile%\lmm.txt | |
| 12. | %AllUsersProfile%\lanmao.hiv |
Registry Details
Generic Dropper.vq may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{1e6963ff-bfe3-4498-a94d-c0e5982071d7}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{b40c384e-0a44-4b46-b14b-c194fa0e5e8f}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{e63e091a-cef1-4508-9e43-613f41485229}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{6344fe9c-c79b-444d-a90f-b589162416d5}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WAKLSVC\
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DAVNLWLB\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINRAR_SERVER
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CQtMasse
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CQtMasse\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPZ
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rcmdsvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WaklSvc\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CQTMASSE\0000
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{d12ee85a-e3c4-468e-aadf-fbb0ad46d83b}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{667693ee-9ca9-4bf2-9d10-1b9b7c45057f}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{724bfd81-4eda-44b5-99fb-ee1b7c6dcf7a}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{74f6ef6c-5bcd-426b-8e42-ca194feeac0f}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DAVNLWLB
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TCPZ\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TCPZ
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WAKLSVC\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WMDMPMSN\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\daVNLWlB\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPZ\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WaklSvc
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CQTMASSE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinRar Server\Security
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{e788aac0-0854-464d-b3fe-e99614eaa5c8}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{4de0233b-3368-4763-aba8-6b9002734dc9}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{4fb58661-b6d2-47d3-bc0b-42b4b9cddbde}
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{27339a81-2984-4141-82aa-bc8c14fc0844}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CQTMASSE\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CQTMASSE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_RCMDSVC\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_RCMDSVC
\Enum\Root\LEGACY_WMDMPMSN
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINRAR_SERVER\0000
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\daVNLWlB
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPZ\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rcmdsvc\Security
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\MediaResources\msvideo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinRar Server
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.