Rootkit.Win32.Plite.pfk also known as Trojan/Urelas.f, Trojan.Gen, Gen:Variant.Zusy.24258 (B). Malware Analysis of Rootkit.Win32.Plite.pfk – ORKOLOB.EXE Created files: %Temp%\gbp.ini %Temp%\zebozub.exe %Temp%\~DFA19.tmp %SysDir%\golfinfo.ini %SysDir%\orkolob.exe Autostart registry keys: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\run: “%SysDir%\orkolob.exe” Detected by UnHackMe: ORKOLOB.EXE Default location: %SYSDIR%\ORKOLOB.EXE Dropper hash(md5): 7e89d20c96cf2b8e2712b4bf566a369e UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

Gen:Rootkit.TcpIp-Hook.huW@a8GGkNl (B) also known as Gen:Rootkit.TcpIp-Hook.huW@a8GGkNl, Rootkit/Nuwar.NA, I-Worm/Zhelatin.akid. Malware Analysis of Gen:Rootkit.TcpIp-Hook.huW@a8GGkNl (B) – ORTYERAS1ABA-3155.SYS Created files: %SysDir%\ortyeras.config %SysDir%\ortyeras1aba-3155.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\ImagePath: “\??\%SysDir%\ortyeras1aba-3155.sys” HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\DisplayName: “ortyeras1aba-3155” Detected by UnHackMe: ORTYERAS1ABA-3155.SYS Default location: %SYSDIR%\ORTYERAS1ABA-3155.SYS Dropper hash(md5): d8749985eff03e472d6592091680e2fa UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Rootkit/Nuwar.NA also known as Trojan.Agent.AGIB, Win32/Sintun!generic, Worm.Win32.Nuwar.BC. Malware Analysis of Rootkit/Nuwar.NA – ORTYERAS1ABA-3155.SYS Created files: %SysDir%\ortyeras.config %SysDir%\ortyeras1aba-3155.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\ImagePath: “\??\%SysDir%\ortyeras1aba-3155.sys” HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\DisplayName: “ortyeras1aba-3155” Detected by UnHackMe: ORTYERAS1ABA-3155.SYS Default location: %SYSDIR%\ORTYERAS1ABA-3155.SYS Dropper hash(md5): d8749985eff03e472d6592091680e2fa UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Gen:Rootkit.TcpIp-Hook.E68E77 also known as I-Worm.Win32.Zhelatin.129536[h], PE:Malware.Generic/QRS!1.9E2D [F], Worm.Win32.Nuwar.BC. Malware Analysis of Gen:Rootkit.TcpIp-Hook.E68E77 – ORTYERAS1ABA-3155.SYS Created files: %SysDir%\ortyeras.config %SysDir%\ortyeras1aba-3155.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\ImagePath: “\??\%SysDir%\ortyeras1aba-3155.sys” HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\DisplayName: “ortyeras1aba-3155” Detected by UnHackMe: ORTYERAS1ABA-3155.SYS Default location: %SYSDIR%\ORTYERAS1ABA-3155.SYS Dropper hash(md5): d8749985eff03e472d6592091680e2fa UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…

Continue reading →

Rootkit.QQHelp.Gen.6 also known as Gen:Rootkit.TcpIp-Hook.huW@a8GGkNl, Rootkit/Nuwar.NA, I-Worm/Nuwar.Q. Malware Analysis of Rootkit.QQHelp.Gen.6 – ORTYERAS1ABA-3155.SYS Created files: %SysDir%\ortyeras.config %SysDir%\ortyeras1aba-3155.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\ImagePath: “\??\%SysDir%\ortyeras1aba-3155.sys” HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\DisplayName: “ortyeras1aba-3155” Detected by UnHackMe: ORTYERAS1ABA-3155.SYS Default location: %SYSDIR%\ORTYERAS1ABA-3155.SYS Dropper hash(md5): d8749985eff03e472d6592091680e2fa UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Rootkit.Zhelatin.xx also known as Artemis!Trojan, Trojan.Win32.Native.Heur.Gen, Worm/Win32.Zhelatin. Malware Analysis of Rootkit.Zhelatin.xx – ORTYERAS1ABA-3155.SYS Created files: %SysDir%\ortyeras.config %SysDir%\ortyeras1aba-3155.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\ImagePath: “\??\%SysDir%\ortyeras1aba-3155.sys” HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\DisplayName: “ortyeras1aba-3155” Detected by UnHackMe: ORTYERAS1ABA-3155.SYS Default location: %SYSDIR%\ORTYERAS1ABA-3155.SYS Dropper hash(md5): d8749985eff03e472d6592091680e2fa UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Gen:Rootkit.TcpIp-Hook.huW@a8GGkNl also known as Trojan.Spambot.2386, Trojan.Peacomm.D, Worm/Win32.Zhelatin. Malware Analysis of Gen:Rootkit.TcpIp-Hook.huW@a8GGkNl – ORTYERAS1ABA-3155.SYS Created files: %SysDir%\ortyeras.config %SysDir%\ortyeras1aba-3155.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\ImagePath: “\??\%SysDir%\ortyeras1aba-3155.sys” HKLM\System\CurrentControlSet\Services\ortyeras1aba-3155\DisplayName: “ortyeras1aba-3155” Detected by UnHackMe: ORTYERAS1ABA-3155.SYS Default location: %SYSDIR%\ORTYERAS1ABA-3155.SYS Dropper hash(md5): d8749985eff03e472d6592091680e2fa UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Win32.Rootkit.Koutodoor.a also known as Win32/Koutodoor.GU, W32/Koutodoor.O.gen!Eldorado, Backdoor ( 04c4e9411 ). Malware Analysis of Win32.Rootkit.Koutodoor.a – AJCG.SYS Created files: %SysDir%\drivers\ajcg.sys %SysDir%\lhfjvaa.dll Autostart registry keys: HKLM\System\CurrentControlSet\Services\ajcg\ImagePath: “system32\drivers\ajcg.sys” HKLM\System\CurrentControlSet\Services\ajcg\DisplayName: “ajcg” Detected by UnHackMe: AJCG.SYS Default location: %SYSDIR%\DRIVERS\AJCG.SYS Dropper hash(md5): d6846582d97f9aaf24c73d2a47b370bf UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

Rootkit.56174 also known as Mal/Rootkit-Z, W32/MalwareS.BKFE, BehavesLike.Win32.Simfect.xh. Malware Analysis of Rootkit.56174 – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Rootkit.56174 also known as Mal/Rootkit-Z, W32/MalwareS.BKFE, BehavesLike.Win32.Simfect.xh. Malware Analysis of Rootkit.56174 – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

PE:RootKit.Win32.Undef.ctb!1587827 [F] also known as Rootkit.56174, Win.Trojan.Rootkit-6329, Trojan ( 00005d991 ). Malware Analysis of PE:RootKit.Win32.Undef.ctb!1587827 [F] – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

PE:RootKit.Win32.Undef.ctb!1587827 [F] also known as Rootkit.56174, Win.Trojan.Rootkit-6329, Trojan ( 00005d991 ). Malware Analysis of PE:RootKit.Win32.Undef.ctb!1587827 [F] – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Rootkit.Agent!NV1Dcy70rSc also known as Win32:Jadtre-H [Rtk], RootKit.Win32.Jadtre.a, TR/Jadtre.E. Malware Analysis of Rootkit.Agent!NV1Dcy70rSc – 14A45BDC.SYS Created files: %Temp%\~DF1C02.tmp C:\Documents and Settings\NetworkService\Favorites\Desktop.ini %SysDir%\14A45BDC.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\14A45BDC\ImagePath: “system32\14A45BDC.sys” Detected by UnHackMe: 14A45BDC.SYS Default location: %SYSDIR%\14A45BDC.SYS Dropper hash(md5): d7137382c16916ac7facd5457e65ef90 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Rootkit.Agent!NV1Dcy70rSc also known as Win32:Jadtre-H [Rtk], RootKit.Win32.Jadtre.a, TR/Jadtre.E. Malware Analysis of Rootkit.Agent!NV1Dcy70rSc – 14A45BDC.SYS Created files: %Temp%\~DF1C02.tmp C:\Documents and Settings\NetworkService\Favorites\Desktop.ini %SysDir%\14A45BDC.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\14A45BDC\ImagePath: “system32\14A45BDC.sys” Detected by UnHackMe: 14A45BDC.SYS Default location: %SYSDIR%\14A45BDC.SYS Dropper hash(md5): d7137382c16916ac7facd5457e65ef90 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Rootkit.Agent.Win32.7607 also known as VirTool.WinNT.Jadtre, Rootkit.56174, Mal/Rootkit-Z. Malware Analysis of Rootkit.Agent.Win32.7607 – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Rootkit.Agent.Win32.7607 also known as VirTool.WinNT.Jadtre, Rootkit.56174, Mal/Rootkit-Z. Malware Analysis of Rootkit.Agent.Win32.7607 – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Rootkit.Win32.Agent.bovl also known as Backdoor/W32.Small.12464.B, Gen:Variant.Jadtre.1, Rootkit.Agent.bovl. Malware Analysis of Rootkit.Win32.Agent.bovl – 14A45BDC.SYS Created files: %Temp%\~DF1C02.tmp C:\Documents and Settings\NetworkService\Favorites\Desktop.ini %SysDir%\14A45BDC.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\14A45BDC\ImagePath: “system32\14A45BDC.sys” Detected by UnHackMe: 14A45BDC.SYS Default location: %SYSDIR%\14A45BDC.SYS Dropper hash(md5): d7137382c16916ac7facd5457e65ef90 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…

Continue reading →

Rootkit.Win32.Agent.bovl also known as Backdoor/W32.Small.12464.B, Gen:Variant.Jadtre.1, Rootkit.Agent.bovl. Malware Analysis of Rootkit.Win32.Agent.bovl – 14A45BDC.SYS Created files: %Temp%\~DF1C02.tmp C:\Documents and Settings\NetworkService\Favorites\Desktop.ini %SysDir%\14A45BDC.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\14A45BDC\ImagePath: “system32\14A45BDC.sys” Detected by UnHackMe: 14A45BDC.SYS Default location: %SYSDIR%\14A45BDC.SYS Dropper hash(md5): d7137382c16916ac7facd5457e65ef90 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…

Continue reading →

Rootkit.56174 (B) also known as PE:RootKit.Win32.Undef.ctb!1587827 [F], Trojan.RootKit/Gen, BackDoor.Generic17.AGQY. Malware Analysis of Rootkit.56174 (B) – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Rootkit.56174 (B) also known as PE:RootKit.Win32.Undef.ctb!1587827 [F], Trojan.RootKit/Gen, BackDoor.Generic17.AGQY. Malware Analysis of Rootkit.56174 (B) – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Rootkit.Agent.hwo also known as Trojan.Win32.RT-Agent.6432[h], RTKT_PIKORAV.SMA, Rootkit.56174 (B). Malware Analysis of Rootkit.Agent.hwo – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

Rootkit.Agent.hwo also known as Trojan.Win32.RT-Agent.6432[h], RTKT_PIKORAV.SMA, Rootkit.56174 (B). Malware Analysis of Rootkit.Agent.hwo – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

Rootkit.Agent!w0uIYicnB3I also known as Trojan.RootKit/Gen, Rootkit.56174, Rootkit.Win32.Agent!O. Malware Analysis of Rootkit.Agent!w0uIYicnB3I – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Rootkit.Agent!w0uIYicnB3I also known as Trojan.RootKit/Gen, Rootkit.56174, Rootkit.Win32.Agent!O. Malware Analysis of Rootkit.Agent!w0uIYicnB3I – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Rootkit.DDB6E also known as W32/MalwareS.BKFE, Trojan/W32.Rootkit.6432.B, W32/Simfect.sys. Malware Analysis of Rootkit.DDB6E – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Rootkit.DDB6E also known as W32/MalwareS.BKFE, Trojan/W32.Rootkit.6432.B, W32/Simfect.sys. Malware Analysis of Rootkit.DDB6E – 73B2302C.SYS Created files: %SysDir%\drivers\73B2302C.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\73B2302C\ImagePath: “system32\drivers\73B2302C.sys” Detected by UnHackMe: 73B2302C.SYS Default location: %SYSDIR%\DRIVERS\73B2302C.SYS Dropper hash(md5): d8767274d1eab260b6fbed83b3f826e0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Rootkit-Pakes.CA also known as Trojan.Agent/Gen-KsMon[PWS], PE:Trojan.Kimons!1.6AAE [F]. Malware Analysis of Rootkit-Pakes.CA – LHFJVAA.DLL Created files: %SysDir%\drivers\ajcg.sys %SysDir%\lhfjvaa.dll Autostart registry keys: HKLM\System\CurrentControlSet\Services\ajcg\ImagePath: “system32\drivers\ajcg.sys” HKLM\System\CurrentControlSet\Services\ajcg\DisplayName: “ajcg” Detected by UnHackMe: LHFJVAA.DLL Default location: %SYSDIR%\LHFJVAA.DLL Dropper hash(md5): d6846582d97f9aaf24c73d2a47b370bf UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Rootkit-Pakes.CA also known as Trojan.Agent/Gen-KsMon[PWS], PE:Trojan.Kimons!1.6AAE [F]. Malware Analysis of Rootkit-Pakes.CA – LHFJVAA.DLL Created files: %SysDir%\drivers\ajcg.sys %SysDir%\lhfjvaa.dll Autostart registry keys: HKLM\System\CurrentControlSet\Services\ajcg\ImagePath: “system32\drivers\ajcg.sys” HKLM\System\CurrentControlSet\Services\ajcg\DisplayName: “ajcg” Detected by UnHackMe: LHFJVAA.DLL Default location: %SYSDIR%\LHFJVAA.DLL Dropper hash(md5): d6846582d97f9aaf24c73d2a47b370bf UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Rootkit.Agent.bovl also known as a variant of Win32/Wapomi.AC, W32/Suspicious_Gen2.RLMNQ, Rootkit.Win32.Agent!IK. Malware Analysis of Rootkit.Agent.bovl – 14A45BDC.SYS Created files: %Temp%\~DF1C02.tmp C:\Documents and Settings\NetworkService\Favorites\Desktop.ini %SysDir%\14A45BDC.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\14A45BDC\ImagePath: “system32\14A45BDC.sys” Detected by UnHackMe: 14A45BDC.SYS Default location: %SYSDIR%\14A45BDC.SYS Dropper hash(md5): d7137382c16916ac7facd5457e65ef90 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100%…

Continue reading →

Rootkit.Agent.bovl also known as a variant of Win32/Wapomi.AC, W32/Suspicious_Gen2.RLMNQ, Rootkit.Win32.Agent!IK. Malware Analysis of Rootkit.Agent.bovl – 14A45BDC.SYS Created files: %Temp%\~DF1C02.tmp C:\Documents and Settings\NetworkService\Favorites\Desktop.ini %SysDir%\14A45BDC.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\14A45BDC\ImagePath: “system32\14A45BDC.sys” Detected by UnHackMe: 14A45BDC.SYS Default location: %SYSDIR%\14A45BDC.SYS Dropper hash(md5): d7137382c16916ac7facd5457e65ef90 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100%…

Continue reading →