Trojan.Sakurel.B is a Trojan horse that opens a back door on the compromised computer, downloads malicious files and steals information. It creates the following files on infected systems:
- Center[RANDOM CHARACTERS].dat
- %Temp%\Center[RANDOM CHARACTERS].dat
- %UserProfile%\Application Data\adobe\adobe.dat
In addition to creating these files, it creates the following registry entry:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"AdobePlayer" = regsvr32 /s "%UserProfile%\Application Data\adobe\adobe.dat"
Finding these files and this registry setting indicates that you are infected with this Trojan. Before removing the infection, back up your registry following the steps here.
Then, remove the infection as follows:
- Press [Windows Key] + [R], type REGEDIT and click OK.
- Navigate to the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Delete the registry entry: "AdobePlayer" = regsvr32 /s "%UserProfile%\Application Data\adobe\adobe.dat"
- Close the Registry Editor and reboot your PC.
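
The indicator check and the registry step above can be scripted for the current user. The following PowerShell is an added example, not part of the original write-up; the `-Remove` switch, the `$BackupPath` default and the match pattern on the value data are assumptions made for illustration.

```powershell
# Added example: looks for the Trojan.Sakurel.B indicators listed on this page.
# Read-only unless -Remove is given. Run as the affected user (HKCU is per-user).
param(
    [switch]$Remove,                                  # hypothetical switch: also delete the Run value
    [string]$BackupPath = "$env:TEMP\Run-backup.reg"  # hypothetical backup location
)

$runKey    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$valueName = 'AdobePlayer'
$adobeDat  = Join-Path $env:USERPROFILE 'Application Data\adobe\adobe.dat'
$findings  = @()

# File indicators: Center[RANDOM CHARACTERS].dat in %Temp%, and adobe.dat.
$findings += @(Get-ChildItem -Path $env:TEMP -Filter 'Center*.dat' -File -ErrorAction SilentlyContinue |
    ForEach-Object { "File: $($_.FullName)" })
if (Test-Path -LiteralPath $adobeDat) { $findings += "File: $adobeDat" }

# Registry indicator: Run value "AdobePlayer" that launches adobe.dat through regsvr32.
$run = Get-ItemProperty -Path $runKey -Name $valueName -ErrorAction SilentlyContinue
$isSakurel = $false
if ($run) {
    $data = [string]$run.$valueName
    # Assumed pattern: only data that matches the command line shown on this page is treated as a hit.
    $isSakurel = $data -match 'regsvr32.*adobe\.dat'
    $findings += "Registry: $runKey\$valueName = $data (matches page: $isSakurel)"
}

if (-not $findings) {
    Write-Output 'No indicators from this page were found for the current user.'
    return
}
$findings | ForEach-Object { Write-Output $_ }

if ($Remove -and $isSakurel) {
    # Back up the Run key first, as the page advises, then delete only the named value.
    reg.exe export 'HKCU\Software\Microsoft\Windows\CurrentVersion\Run' $BackupPath /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'Registry backup failed; nothing was deleted.' }
    Remove-ItemProperty -Path $runKey -Name $valueName
    Write-Output "Removed '$valueName' (backup: $BackupPath). Reboot to finish."
}
```

The script deletes only the registry value, matching the manual steps; it leaves the listed files in place so they can be collected or scanned.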