Worm Autorun – SysAnti.exe – 0a36321b110c4bbb014ec0471a1bbb77

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Worm Autorun
Also known as: Trojan Buzus, Trojan Delphi
SHA256: 289023241ae9774e1f3a6c405ee0a40def6e84b89a60a9485857cfd18088b1f4
SHA1: 7cc83d1f903535d273bfa4bb5a82373f754f7b52
MD5: 0a36321b110c4bbb014ec0471a1bbb77
File size: 81152 bytes

Created files:

%WinDir%\System32\SysAnti.exe – Worm Autorun

Worm Autorun created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\SysAnti: %WinDir%\System32\SysAnti.exe
HKLM\System\CurrentControlSet\Services\DrvKiller\Type: 01000000
HKLM\System\CurrentControlSet\Services\DrvKiller\Start: 03000000
HKLM\System\CurrentControlSet\Services\DrvKiller\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\DrvKiller\DisplayName: DrvKiller
HKLM\System\CurrentControlSet\Services\DrvKiller\ImagePath: %WinDir%\Fonts\clvw.fon
HKLM\System\CurrentControlSet\Services\hio\Type: 01000000
HKLM\System\CurrentControlSet\Services\hio\Start: 03000000
HKLM\System\CurrentControlSet\Services\hio\DisplayName: hio
HKLM\System\CurrentControlSet\Services\hio\ImagePath: %Temp%~hio.tmp

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images