Trojan Dulom – agroio.sys – d4014230660dd0e7c2764b836b7840fb

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

Trojan Dulom
Also known as: Trojan Generic, Trojan Downloader.Generic
SHA256: d239ad39f14779d1b9374eee97db9f5f646e1fc76c9049c6d0f2f23fdf612f2c
SHA1: 1ca48a40549b010481a4a13f2a56d6eeeaaa2e20
MD5: d4014230660dd0e7c2764b836b7840fb
File size: 737792 bytes

Created files:

%SysDir%\drivers\agroio.sys – Trojan Dulom
%SysDir%\drivers\hp3900.sys – Trojan Dulom
%AppData%\Macromidia\alg.exe – Trojan Dulom

Trojan Dulom created autostart registry keys:

HKLM\System\CurrentControlSet\Services\agroio\Type: 01000000
HKLM\System\CurrentControlSet\Services\agroio\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\agroio\DisplayName: agroio
HKLM\System\CurrentControlSet\Services\agroio\ImagePath: %WinDir%\System32\drivers\agroio.sys
HKLM\System\CurrentControlSet\Services\hp3900\Type: 01000000
HKLM\System\CurrentControlSet\Services\hp3900\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\hp3900\DisplayName: hp3900
HKLM\System\CurrentControlSet\Services\hp3900\ImagePath: %WinDir%\System32\drivers\hp3900.sys
HKLM\System\CurrentControlSet\Services\hp3900\Group: Boot Bus Extender
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\alg: %AppData%\Macromidia\alg.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images