What is extrac64_cab.exe, How to remove extrac64_cab.exe

extrac64_cab.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: extrac64_cab
Filename: extrac64_cab.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | extrac64_cab.exe

Command: %UserProfile%\temp\extrac64_cab.exe
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [extrac64_cab.exe] C:\DOCUME~1\user\LOCALS~1\Temp\extrac64_cab.exe

DDS Line:

uRun: [extrac64_cab.exe] c:\dokume~1\user\lokale~1\temp\extrac64_cab.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“extrac64_cab.exe”=c:\dokume~1\user\lokale~1\temp\extrac64_cab.exe

Description: new variant of cls_pack.exe trojan. It also known as HeurEngine.MaliciousPacker [PCTools], Packed.Generic.277 [Symantec], Trojan-Downloader.Win32.FraudLoad.wxry [Kaspersky Lab], Mal/Generic-A [Sophos], Trojan-Downloader.Win32.FraudLoad [Ikarus]

How to remove: use these extrac64_cab.exe removal instructions.

This entry was posted on Saturday, January 30th, 2010 at 6:19 am and is filed under O4, Run, Trojan. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HT Logs. Tips, FAQs, Analyze.

Categories

Archives

What is extrac64_cab.exe, How to remove extrac64_cab.exe

extrac64_cab.exe is a harmful program.

Leave a Reply