Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

TROJAN.AUTORUN.GP

 

 

Name:

Trojan.Autorun.gp

Descr. Added:

September 6, 2012

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Malware problems?   We can help.  Free Removal Tools.

 

 

Description:

 

When Trojan.Autorun.gp is executed, it performs the following activities:

After execution, it drops the following files:

%WinDir%\system32\syskernel.exe
%SystemDrive%\sys32krnl.exe
%SystemDrive%\sysmgr.exe
%SystemDrive%\syswin.exe

It modifies/creates the following registry entries:

sysBoot = "%WinDir%\system32\syskernel.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

sysStart= "%SystemDrive%\syswin.exe 1"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

sysBoot = "%SystemDrive%\sys32krnl.exe"
HKU\Software\Microsoft\Windows\CurrentVersion\Run

sysStart = "%SystemDrive%\syswin.exe 1"
HKU\Software\Microsoft\Windows\CurrentVersion\Run
 

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4