HackTool.Win32.Crypt.nq

HackTool.Win32.Crypt.nq Description

HackTool.Win32.Crypt.nq is a malicious tool that creates keys for illegitimately-gained versions of various software programs. HackTool.Win32.Crypt.nq is able to take over all user keystrokes, such as personal information, login ID, password, credit card details, etc. HackTool.Win32.Crypt.nq can connect with a remote criminal to download additional files onto the computer system. It is highly recommended removing HackTool.Win32.Crypt.nq as quickly as possible before it could harm your PC.

Technical Information

File System Details

HackTool.Win32.Crypt.nq creates the following file(s):
# File Name Detection Count
1 %System%\svchost.exe N/A
2 %ProgramFiles%\internet explorer\iexplore.exe N/A
3 %ProgramFiles%\internet explorer\random.exe N/A

Registry Details

HackTool.Win32.Crypt.nq creates the following registry entry or registry entries:
Registry key
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] memo = "%System%\memo\memo.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3G4L2686-J4L1-X5MV-12RE-JFH5V38F5030}
HKLM = "tBWJMoJ"
HKEY_CURRENT_USER\Software\SpyNet
HKCU = "tBWJGA"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] memeo = "%System%\memo\memo.exe"
HKEY_CURRENT_USER\Software\Coffin Of Evil
[HKEY_CURRENT_USER\Software\Coffin Of Evil] FirstExecution = "10/05/2011 -- 17:38" FileName = "Dlzcs1JtFiFdifAOxfQDRfRiNilV2Goc10ZLLwr31wLX"
HKEY_LOCAL_MACHINE\SOFTWARE\Coffin Of Evil
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3G4L2686-J4L1-X5MV-12RE-JFH5V38F5030}] StubPath = "%System%\memo\memo.exe Restart"