PAST3XPMQ.SYS – Trojan SuspiciousFile

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

PAST3XPMQ.SYS – Trojan SuspiciousFile removal

FileMD5Virus Alias
PAST3XPMQ.SYS 974eea16ffb1aa01c53d36b4a6d6259d Trojan SuspiciousFile

PAST3XPMQ.SYS size: 3584 bytes
PAST3XPMQ.SYS hash: 974EEA16FFB1AA01C53D36B4A6D6259D

Created files:

%SysDir%\mydri.sys
%SysDir%\Past3XPmQ.sys

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\baby\Type: 01000000
HKLM\System\CurrentControlSet\Services\baby\Start: 03000000
HKLM\System\CurrentControlSet\Services\baby\DisplayName: baby
HKLM\System\CurrentControlSet\Services\baby\ImagePath: %WinDir%\System32\Past3XPmQ.sys
HKLM\System\CurrentControlSet\Services\DBKDRVR54\Type: 01000000
HKLM\System\CurrentControlSet\Services\DBKDRVR54\Start: 03000000
HKLM\System\CurrentControlSet\Services\DBKDRVR54\DisplayName: DBKDRVR54
HKLM\System\CurrentControlSet\Services\DBKDRVR54\ImagePath: %WinDir%\System32\.\mydri.sys

Detected by UnHackMe:

PAST3XPMQ.SYS
Default location: %SYSDIR%\PAST3XPMQ.SYS

Dropper information:
MD5: 2fe5e1850f2376d97ec0a0216a0347a1
File size: 599406 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images