Solved! Use MSDCSVC.EXE (Rootkit SpyEye) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

MSDCSVC.EXE – Rootkit SpyEye removal

File MD5 Virus Alias
MSDCSVC.EXE 4e4c2dd89808170e22658f0e8b2f9ec2 Rootkit SpyEye
MSDCSVC.EXE 4e4c2dd89808170e22658f0e8b2f9ec2 Trojan SuspiciousFile
MSDCSVC.EXE 4e4c2dd89808170e22658f0e8b2f9ec2 Trojan Generic
MSDCSVC.EXE 4e4c2dd89808170e22658f0e8b2f9ec2 Trojan Eldorado
MSDCSVC.EXE 4e4c2dd89808170e22658f0e8b2f9ec2 Trojan Crypt
MSDCSVC.EXE 4e4c2dd89808170e22658f0e8b2f9ec2 Virus Vbcrypt

MSDCSVC.EXE size: 1830912 bytes
MSDCSVC.EXE hash: 4E4C2DD89808170E22658F0E8B2F9EC2

Created files:

%SysDir%\MSDCSC\msdcsvc.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit: %WinDir%\System32\userinit.exe,%WinDir%\System32\MSDCSC\msdcsvc.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MicroUpdate: %WinDir%\System32\MSDCSC\msdcsvc.exe

Detected by UnHackMe:

MSDCSVC.EXE
Default location: %SYSDIR%\MSDCSC\MSDCSVC.EXE

Dropper information:
MD5: 4e4c2dd89808170e22658f0e8b2f9ec2
File size: 1830912 bytes

Leave a Reply