I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
DISKFLT.SYS – Trojan Artemis removal
| File | MD5 | Virus Alias |
|---|---|---|
| DISKFLT.SYS | 6d45e6b7a83ba0d98828fa1a80a19d5d | Trojan Artemis |
| DISKFLT.SYS | 6d45e6b7a83ba0d98828fa1a80a19d5d | Trojan SuspiciousFile |
| DISKFLT.SYS | 6d45e6b7a83ba0d98828fa1a80a19d5d | Trojan Generic |
| DISKFLT.SYS | 6d45e6b7a83ba0d98828fa1a80a19d5d | Trojan Agent |
DISKFLT.SYS size: 94624 bytes
DISKFLT.SYS hash: 6D45E6B7A83BA0D98828FA1A80A19D5D
Created files:
C:\passthru.sys
%WinDir%\inf\passthru.sys
%SysDir%\Black.dll
%SysDir%\Drivers\diskflt.sys
%SysDir%\Drivers\passthru.sys
%SysDir%\wininitw.exe
%TEMP%\passthru.sys
%TEMP%\snetcfg.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\BITS\Fuck_Time: 1
HKLM\System\CurrentControlSet\Services\diskflt\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\diskflt\Type: 01000000
HKLM\System\CurrentControlSet\Services\diskflt\Tag: 0A000000
HKLM\System\CurrentControlSet\Services\Wintesd fdde speed tdss \Type: 10000000
HKLM\System\CurrentControlSet\Services\Wintesd fdde speed tdss \Start: 02000000
HKLM\System\CurrentControlSet\Services\Wintesd fdde speed tdss \DisplayName: Windows Tfg ds789g speed tdl4
HKLM\System\CurrentControlSet\Services\Wintesd fdde speed tdss \ImagePath: %WinDir%\System32\wininitw.exe
HKLM\System\CurrentControlSet\Services\Wintesd fdde speed tdss \Description: This is Wintesd fdde speed tdss
Detected by UnHackMe:
DISKFLT.SYS
Default location: %SYSDIR%\DRIVERS\DISKFLT.SYS
Dropper information:
MD5: a7877de54fccebc5c229f29597ac22ca
File size: 204800 bytes