TROJ_HYDRAQ.E
TROJ_HYDRAQ.E is a Trojan infection downloaded from remote sites or other malware. TROJ_HYDRAQ.E ensures its automatic execution at every system startup by registering itself as a system service. TROJ_HYDRAQ.E creates registry key entries to ensure its automatic execution. TROJ_HYDRAQ.E poses a risk to system security and must be removed immediately once detected.
File System Details
TROJ_HYDRAQ.E may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %System%\Rasmon.dll to svchost.exe |
Registry Details
TROJ_HYDRAQ.E may create the following registry entry or registry entries:
Services\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RaS{random}
ErrorControl = "0"
ImagePath = "%SystemRoot%\System32\svchost.exe -k netsvcs"
ServiceDll = "%System%\rasmon.dll"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ups{random}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RaS{random}
Type = "20"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RaS{random}\Parameters
Security = "{Binary Values}"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ups{random}\Security
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0~MHz
Services\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ups{random}
Start = "2"
ObjectName "LocalSystem"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RaS{random}\Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ups{random}\Parameters
