RADDRV.DLL – Worm AMN

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

RADDRV.DLL – Worm AMN removal

FileMD5Virus Alias
RADDRV.DLL 53843458086b37d4e72256a935ad57fd Worm AMN
RADDRV.DLL 53843458086b37d4e72256a935ad57fd Trojan Agent

RADDRV.DLL size: 29600 bytes

Created files:

%SysDir%\raddrv.dll
%SysDir%\r_server.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\r_server\Type: 10010000
HKLM\System\CurrentControlSet\Services\r_server\Start: 02000000
HKLM\System\CurrentControlSet\Services\r_server\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\r_server\ImagePath: “%WinDir%\System32\r_server.exe” /service
HKLM\System\CurrentControlSet\Services\r_server\DisplayName: Remote Administrator Service
HKLM\System\CurrentControlSet\Services\r_server\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\r_server\Enum\0: Root\LEGACY_R_SERVER\0000
HKLM\System\CurrentControlSet\Services\r_server\Enum\Count: 01000000
HKLM\System\CurrentControlSet\Services\r_server\Enum\NextInstance: 01000000
HKLM\System\CurrentControlSet\Services\r_server\Security\Security: 01001480900000009C000000140000003000000002001C000100000002801400FF010F00010100000000000100000000020060000400000000001400FD01020001010000000000051200000000001800FF010F0001020000000000052000000020020000000014008D01020001010000000000050B00000000001800FD01020001020000000000052000000023020000010100000000000512000000010100000000000512000000

Detected by UnHackMe:

RADDRV.DLL
Default location: %SYSDIR%\RADDRV.DLL

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images