Solved! Use OREANS32.SYS (Trojan Agent) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

OREANS32.SYS – Trojan Agent removal

File MD5 Virus Alias
OREANS32.SYS b99575d16f887883b821d372ff292c20 Trojan Agent

OREANS32.SYS size: 33824 bytes
OREANS32.SYS hash: B99575D16F887883B821D372FF292C20

Created files:

%SysDir%\drivers\oreans32.sys

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\oreans32\Type: 01000000
HKLM\System\CurrentControlSet\Services\oreans32\Start: 01000000
HKLM\System\CurrentControlSet\Services\oreans32\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\oreans32\DisplayName: oreans32
HKLM\System\CurrentControlSet\Services\oreans32\ImagePath: %WinDir%\System32\drivers\oreans32.sys

Detected by UnHackMe:

OREANS32.SYS
Default location: %SYSDIR%\DRIVERS\OREANS32.SYS

Dropper information:
MD5: 6560236804519d78118ff173d806bef1
File size: 2789888 bytes

Leave a Reply