I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
Trojan Kazy
Also known as: Trojan CI, Trojan Kryptik
SHA256: d9d844115ea2942625f9aeec0aaa4a1366b83c23b37bd635f5568f6626c8d3f7
SHA1: b4ecc9e2394e06b81c5489614b40760dd4290197
MD5: a9345212f1e495fdcac36d95bed95fae
File size: 307712 bytes
Created files:
%WinDir%\Installer\{7BFA72D7-013F-F991-250C-B2B004EDB6D1}\syshost.exe – Trojan Kazy
%SysDir%\drivers\163dcf.sys – Trojan Kazy
Trojan Kazy created autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\syshost32: %WinDir%\Installer\{7BFA72D7-013F-F991-250C-B2B004EDB6D1}\syshost.exe
HKLM\System\CurrentControlSet\Services\163dcf\Type: 01000000
HKLM\System\CurrentControlSet\Services\163dcf\Start: 01000000
HKLM\System\CurrentControlSet\Services\163dcf\DisplayName: syshost.exe
HKLM\System\CurrentControlSet\Services\163dcf\ImagePath: %WinDir%\System32\drivers\163dcf.sys
HKLM\System\CurrentControlSet\Services\syshost32\Type: 10000000
HKLM\System\CurrentControlSet\Services\syshost32\Start: 02000000
HKLM\System\CurrentControlSet\Services\syshost32\ImagePath: “%WinDir%\Installer\{7BFA72D7-013F-F991-250C-B2B004EDB6D1}\syshost.exe” /service