35F6D3.SYS – Trojan Qhost

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

35F6D3.SYS – Trojan Qhost removal

FileMD5Virus Alias
35F6D3.SYS 8268541ef8acf1ed4fc1d308ab6d3734 Trojan Qhost
35F6D3.SYS 8268541ef8acf1ed4fc1d308ab6d3734 Trojan Generic
35F6D3.SYS 8268541ef8acf1ed4fc1d308ab6d3734 Trojan Eldorado
35F6D3.SYS 8268541ef8acf1ed4fc1d308ab6d3734 Trojan Downloader

35F6D3.SYS size: 66688 bytes
35F6D3.SYS hash: 8268541EF8ACF1ED4FC1D308AB6D3734

Created files:

%SysDir%\drivers\35f6d3.sys
%Temp%\Pyino\tahy.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\35f6d3\Type: 01000000
HKLM\System\CurrentControlSet\Services\35f6d3\Start: 01000000
HKLM\System\CurrentControlSet\Services\35f6d3\DisplayName: tahy.exe
HKLM\System\CurrentControlSet\Services\35f6d3\ImagePath: %WinDir%\System32\drivers\35f6d3.sys
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Tahy: “%Temp%\Pyino\tahy.exe”

Detected by UnHackMe:

35F6D3.SYS
Default location: %SYSDIR%\DRIVERS\35F6D3.SYS

Dropper information:
MD5: 989fe32c814a09a49cbb56443de5d1d7
File size: 700416 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images