Solved! Use NOSKRNL.SYS (Trojan Agent) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

NOSKRNL.SYS – Trojan Agent removal

File MD5 Virus Alias
NOSKRNL.SYS a1bac7cf00f4bdb0f3c2cae99e07e023 Trojan Agent
NOSKRNL.SYS a1bac7cf00f4bdb0f3c2cae99e07e023 Rootkit TDSS
NOSKRNL.SYS a1bac7cf00f4bdb0f3c2cae99e07e023 Trojan Kryptik

NOSKRNL.SYS size: 12960 bytes
NOSKRNL.SYS hash: A1BAC7CF00F4BDB0F3C2CAE99E07E023

Created files:

%WinDir%\noskrnl.exe
%SysDir%\noskrnl.sys
%Temp%\ff34ff45

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\noskrnl.sys\Type: 01000000
HKLM\System\CurrentControlSet\Services\noskrnl.sys\Start: 03000000
HKLM\System\CurrentControlSet\Services\noskrnl.sys\DisplayName: noskrnl.sys
HKLM\System\CurrentControlSet\Services\noskrnl.sys\ImagePath: %WinDir%\System32\noskrnl.sys
HKLM\System\CurrentControlSet\Services\W32Time\Parameters\NtpServer: time.windows.com,time.nist.gov
HKLM\System\CurrentControlSet\Services\W32Time\Parameters\Type: NTP
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\noskrnl: %WinDir%\noskrnl.exe

Detected by UnHackMe:

NOSKRNL.SYS
Default location: %SYSDIR%\NOSKRNL.SYS

Dropper information:
MD5: d676a12b0822cf580b9d40304de1969c
File size: 124266 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images