Solved! Use PROAP.SYS (Trojan SuspiciousFile) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

PROAP.SYS – Trojan SuspiciousFile removal

FileMD5Virus Alias
PROAP.SYS bda8fa4de664c77bd8fd019d21ee02c8 Trojan SuspiciousFile

PROAP.SYS size: 6656 bytes
PROAP.SYS hash: BDA8FA4DE664C77BD8FD019D21EE02C8

Created files:

%Program Files%\Aphod\install.exe
C:\windows\system32\drivers\proap.sys

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\proap\Type: 01000000
HKLM\System\CurrentControlSet\Services\proap\Start: 03000000
HKLM\System\CurrentControlSet\Services\proap\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\proap\DisplayName: proap
HKLM\System\CurrentControlSet\Services\proap\ImagePath: \??\c:\windows\System32\drivers\proap.sys
HKLM\System\CurrentControlSet\Services\proap\Security\Security: 01001480900000009C000000140000003000000002001C000100000002801400FF010F00010100000000000100000000020060000400000000001400FD01020001010000000000051200000000001800FF010F0001020000000000052000000020020000000014008D01020001010000000000050B00000000001800FD01020001020000000000052000000023020000010100000000000512000000010100000000000512000000

Detected by UnHackMe:

PROAP.SYS
Default location: %SYSDIR%\DRIVERS\PROAP.SYS

Dropper information:
MD5: acd7a4c1be6a34797835eb52346880de
File size: 573952 bytes

Leave a Reply