Trojan Agent – Utility.dll – 0d2f45e8e1f49a9b17c3047155339fef

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Agent
Also known as: Trojan Generic, Trojan Zbot
SHA256: 221046db6042780f500e21ce42867395385c5995219285403ff6a5c074ef1c6e
SHA1: 58df8096c1023e91d457cfe596c44e172c907471
MD5: 0d2f45e8e1f49a9b17c3047155339fef
File size: 207874 bytes

Created files:

C:\ProgramData\Microsoft\Windows\Common\Utility.dll – Trojan Agent
C:\ProgramData\Microsoft\Windows\QQlive.exe – Trojan Agent

Trojan Agent created autostart registry keys:

HKLM\System\CurrentControlSet\Services\DisplayName:
HKLM\System\CurrentControlSet\Services\Type: 20000000
HKLM\System\CurrentControlSet\Services\Start: 02000000
HKLM\System\CurrentControlSet\Services\ImagePath: 2500530079007300740065006D0052006F006F00740025005C00730079007300740065006D00330032005C0073007600630068006F00730074002E0065007800650020002D006B0020006E00650074007300760063007300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
HKLM\System\CurrentControlSet\Services\ObjectName: LocalSystemSystem\CurrentControlSet\Services\SOFTWARE\Microsoft\Windows NT\CurrentVersion\netsvcsEnable ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share inf
HKLM\System\CurrentControlSet\Services\Description: Create and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.Enable remote users to modif
HKLM\System\CurrentControlSet\Services\Parameter\ServiceDll: 43003A005C00500072006F006700720061006D0044006100740061005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C007500640070006800680064002E0064006C006C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
HKLM\System\CurrentControlSet\Services\Parameters\ServiceDll: 43003A005C00500072006F006700720061006D0044006100740061005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C0041004D00440074007A007A002E0064006C006C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images