PAST8KVMP.SYS – Trojan SuspiciousFile

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

PAST8KVMP.SYS – Trojan SuspiciousFile removal

FileMD5Virus Alias
PAST8KVMP.SYS 974eea16ffb1aa01c53d36b4a6d6259d Trojan SuspiciousFile

PAST8KVMP.SYS size: 3584 bytes
PAST8KVMP.SYS hash: 974EEA16FFB1AA01C53D36B4A6D6259D

Created files:

%SysDir%\BackInC.sys
%SysDir%\Past8kVMP.sys

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\baby\Type: 01000000
HKLM\System\CurrentControlSet\Services\baby\Start: 03000000
HKLM\System\CurrentControlSet\Services\baby\DisplayName: baby
HKLM\System\CurrentControlSet\Services\baby\ImagePath: %WinDir%\System32\Past8kVMP.sys
HKLM\System\CurrentControlSet\Services\BackInC\Type: 01000000
HKLM\System\CurrentControlSet\Services\BackInC\Start: 03000000
HKLM\System\CurrentControlSet\Services\BackInC\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\BackInC\DisplayName: BackInC
HKLM\System\CurrentControlSet\Services\BackInC\ImagePath: %WinDir%\System32\\BackInC.sys

Detected by UnHackMe:

PAST8KVMP.SYS
Default location: %SYSDIR%\PAST8KVMP.SYS

Dropper information:
MD5: 490f9e9ba32d6b6f37f156e0a6eeebca
File size: 405504 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images