DOWIRE.SYS – Trojan Agent


DOWIRE.SYS – Trojan Agent removal

File        MD5                               Virus Alias
DOWIRE.SYS  5a0751f200a42271278101e145944ecd  Trojan Agent
DOWIRE.SYS  5a0751f200a42271278101e145944ecd  Suspicious File
DOWIRE.SYS  5a0751f200a42271278101e145944ecd  Trojan Generic
DOWIRE.SYS  5a0751f200a42271278101e145944ecd  Trojan JboxGeneric
DOWIRE.SYS  5a0751f200a42271278101e145944ecd  Trojan Eldorado
DOWIRE.SYS  5a0751f200a42271278101e145944ecd  Trojan Downloader

DOWIRE.SYS size: 16384 bytes
DOWIRE.SYS hash: 5A0751F200A42271278101E145944ECD

Created files:

%Program Files%\SogouFinger\InstallOK.exe
%Program Files%\SogouFinger\Sogoud.dll
C:\Windows\System32\DOWIRE.sys
C:\Windows\System32\sog.exe
C:\Windows\System32\z5.exe
C:\Windows\System32\z6.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\DOWIRE\Type: 01000000
HKLM\System\CurrentControlSet\Services\DOWIRE\Start: 03000000
HKLM\System\CurrentControlSet\Services\DOWIRE\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\DOWIRE\DisplayName: DOWIRE
HKLM\System\CurrentControlSet\Services\DOWIRE\ImagePath: C:\Windows\System32\DOWIRE.sys

Detected by UnHackMe:

DOWIRE.SYS
Default location: %SYSDIR%\DOWIRE.SYS

Dropper information:
MD5: 8f48424cf687ac3ab27fafbbf7e8ed58
File size: 218112 bytes
