I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
SWR.SYS – Backdoor Koutodoor removal
| File | MD5 | Virus Alias |
|---|---|---|
| SWR.SYS | 18800b6f4fad0d65aa1e112c8dc008f9 | Backdoor Koutodoor |
| SWR.SYS | 18800b6f4fad0d65aa1e112c8dc008f9 | Trojan Generic |
| SWR.SYS | 18800b6f4fad0d65aa1e112c8dc008f9 | Trojan Eldorado |
| SWR.SYS | 18800b6f4fad0d65aa1e112c8dc008f9 | Trojan Agent |
| SWR.SYS | 18800b6f4fad0d65aa1e112c8dc008f9 | Trojan Crypt |
SWR.SYS size: 41472 bytes
SWR.SYS hash: 18800B6F4FAD0D65AA1E112C8DC008F9
Created files:
%SysDir%\drivers\swr.sys
%SysDir%\yga.dll
%Temp%\uooczq.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\swr\Type: 01000000
HKLM\System\CurrentControlSet\Services\swr\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\swr\DisplayName: swr
HKLM\System\CurrentControlSet\Services\swr\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C007300770072002E007300790073000000
Detected by UnHackMe:
SWR.SYS
Default location: %SYSDIR%\DRIVERS\SWR.SYS
Dropper information:
MD5: c5b6be32976393c52d4a2d20ebc77850
File size: 282688 bytes