GWQEGGW.EXE – Trojan Swisyn

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

GWQEGGW.EXE – Trojan Swisyn removal

FileMD5Virus Alias
GWQEGGW.EXE 3bd1832ff864c0d5bfda93b62c34f21d Trojan Swisyn
GWQEGGW.EXE 3bd1832ff864c0d5bfda93b62c34f21d Trojan Comame
GWQEGGW.EXE 3bd1832ff864c0d5bfda93b62c34f21d Trojan Agent

GWQEGGW.EXE size: 656972 bytes
GWQEGGW.EXE hash: 3BD1832FF864C0D5BFDA93B62C34F21D

Created files:

%Program Files%\DNSProtectSupport\svchost.exe
%Program Files%\DNSProtectSupport\svchost.exe.bak
%TEMP%\EzUbCK.exe
%TEMP%\gWQeGgw.exe
%TEMP%\LYXwvbdqgLcz.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\DNSProtectSupport\Type: 10000000
HKLM\System\CurrentControlSet\Services\DNSProtectSupport\Start: 02000000
HKLM\System\CurrentControlSet\Services\DNSProtectSupport\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\DNSProtectSupport\ImagePath: %Program Files%\DNSProtectSupport\svchost.exe

Detected by UnHackMe:

GWQEGGW.EXE
Default location: %TEMP%\GWQEGGW.EXE

Dropper information:
MD5: 006c54c44e4fe4f70f4817121dd23fce
File size: 474960 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images