GUI.SYS – Trojan SuspiciousFile

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

GUI.SYS – Trojan SuspiciousFile removal

FileMD5Virus Alias
GUI.SYS dd56231742236ec3c4faeeecbd2d588b Trojan SuspiciousFile

GUI.SYS size: 6144 bytes
GUI.SYS hash: DD56231742236EC3C4FAEEECBD2D588B

Created files:

C:\windows\system32\drivers\gui.sys
C:\windows\system32\Rnmeqtte.dll
C:\windows\temp2687100.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\McAfee Network Agent\Type: 10010000
HKLM\System\CurrentControlSet\Services\McAfee Network Agent\Start: 02000000
HKLM\System\CurrentControlSet\Services\McAfee Network Agent\DisplayName: McAfee Network Agent
HKLM\System\CurrentControlSet\Services\McAfee Network Agent\ImagePath: %SystemRoot%\System32\svchost.exe -k imgsvc

Detected by UnHackMe:

GUI.SYS
Default location: %SYSDIR%\DRIVERS\GUI.SYS

Dropper information:
MD5: 2d354f129cda59fcddf0d30d97db18cf
File size: 163840 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images