Win-Trojan/Starman.Gen

By LoneStar in Trojans

Win-Trojan/Starman.Gen is a nasty computer trojan that will make the effort copy itself across an existing network. Win-Trojan/Starman.Gen replicates and runs surreptitiously without a user's authorization or knowledge. Win-Trojan/Starman.Gen can create email messages with malicious attachments often including downloads of itself. Win-Trojan/Starman.Gen opens up a backdoor to enable a remote criminal gain access to the computer. Win-Trojan/Starman.Gen starts up automatically at every time Windows starts. Win-Trojan/Starman.Gen attracts users with messages offering that the recipient should open the attachment to see something important or interesting.

File System Details

Win-Trojan/Starman.Gen may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%ProgramFiles%\Common Files\System\ado\tsektjkj.exe
Name: %ProgramFiles%\Common Files\System\ado\tsektjkj.exe Type: Executable File
2.	%Windir \pchealth\helpctr\System\rc\qbrblthb.exe
Name: %Windir \pchealth\helpctr\System\rc\qbrblthb.exe Type: Executable File
3.	%Windir%\pchealth\helpctr\System\Remote Assistance\rzqstvqq.exe
Name: %Windir%\pchealth\helpctr\System\Remote Assistance\rzqstvqq.exe Type: Executable File
4.	%ProgramFiles%\NetMeeting\rsewzjqn.exe
Name: %ProgramFiles%\NetMeeting\rsewzjqn.exe Type: Executable File
5.	%Windir \pchealth\helpctr\System\CompatCtr\hrtbebze.exe
Name: %Windir \pchealth\helpctr\System\CompatCtr\hrtbebze.exe Type: Executable File
6.	%Windir%\pchealth\helpctr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\vxwqhwzs.exe
Name: %Windir%\pchealth\helpctr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\vxwqhwzs.exe Type: Executable File
7.	c:\tvsknrse.exe
Name: c:\tvsknrse.exe Type: Executable File
8.	%Windir%\pchealth\helpctr\System\ErrMsg\vlvxqrek.exe
Name: %Windir%\pchealth\helpctr\System\ErrMsg\vlvxqrek.exe Type: Executable File
9.	%Windir%\pchealth\helpctr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\vsekkehe.exe
Name: %Windir%\pchealth\helpctr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\vsekkehe.exe Type: Executable File

Registry Details

Win-Trojan/Starman.Gen may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0026A548-2A19-E8A0-B03E-B8692A75086E}\LocalServer32

(Default) = "%Windir%\Web\wcxnjhhj.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{048BF78C-E618-0789-65EC-7B42EEBABDDC}

(Default) = "hblhrsekjwjbzjnt"

(Default) = "%ProgramFiles%\Adobe\Acrobat 6.0\Reader\HowTo\ENU\qkezbwtr.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03276388-B4D4-8F3B-502B-0901696414AA}\LocalServer32

(Default) =

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E9E265-66BE-04A9-BADD-A06BE2E36897}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E9E265-66BE-04A9-BADD-A06BE2E36897}\LocalServer32]

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0026A548-2A19-E8A0-B03E-B8692A75086E}

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent]

(Default) = "hbqxlnlrejneqrez"

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Win-Trojan/Starman.Gen

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen