AMGR8AuTo.ocx – Trojan Swisyn

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

AMGR8AuTo.ocx – Trojan Swisyn removal

FileVirus Alias
AMGR8AuTo.ocx Trojan Swisyn
AMGR8AuTo.ocx Trojan Agent
AMGR8AuTo.ocx Trojan Downloader.Generic
AMGR8AuTo.ocx Trojan Generic

Created files:

%Program Files Common%\Services\csboybind.au – Trojan Swisyn
%Program Files Common%\Services\csboyDVD.dll – Trojan Swisyn
%Program Files Common%\Services\csboyDvd.ocx – Trojan Swisyn
%Program Files Common%\Services\csboyTj.ocx – Trojan Swisyn
%Program Files Common%\Services\csboyTT.dll – Trojan Swisyn
%Program Files Common%\Tencent\AMGR8888.dll – Trojan Swisyn
%Program Files Common%\Tencent\AMGR8AuTo.ocx – Trojan Swisyn
%Program Files Common%\Tencent\AMGR8Dw.ocx – Trojan Swisyn
%Program Files Common%\Tencent\svchest.exe – Trojan Swisyn
%WinDir%\TEMP\qvod.exe_9903B248AEE904AA3F0A852E910629F6D8046A51.exe – Trojan Swisyn

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\diskmanage\Type: 10000000
HKLM\System\CurrentControlSet\Services\diskmanage\Start: 02000000
HKLM\System\CurrentControlSet\Services\diskmanage\DisplayName: windows Disk Manager
HKLM\System\CurrentControlSet\Services\diskmanage\ImagePath: %Program Files Common%\Tencent\AMGR8888.dll

Detected by UnHackMe:

AMGR8AuTo.ocx
Default location: %Program Files Common%\Tencent\AMGR8AuTo.ocx

Dropper information:
SHA256: d712d65e047ab1bfee7658cf820eeef5446388ce153304ac7cba0f06e98dc191
SHA1: 5112278459f6053a1b7a45d321c265626da4fcce
MD5: f07ba9e5e9de901d23b639263fc1e8e0
File size: 303104 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images