I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
MSSRV32.EXE – Trojan Downloader removal
| File | MD5 | Virus Alias |
|---|---|---|
| MSSRV32.EXE | 162c8a584c208673744f1970eec0ffa0 | Trojan Downloader |
| MSSRV32.EXE | 162c8a584c208673744f1970eec0ffa0 | Trojan Generic |
| MSSRV32.EXE | 162c8a584c208673744f1970eec0ffa0 | Backdoor RBot |
| MSSRV32.EXE | 162c8a584c208673744f1970eec0ffa0 | Trojan Agent |
| MSSRV32.EXE | 162c8a584c208673744f1970eec0ffa0 | Trojan Small |
| MSSRV32.EXE | 162c8a584c208673744f1970eec0ffa0 | Trojan StartPage |
MSSRV32.EXE size: 22016 bytes
MSSRV32.EXE hash: 162C8A584C208673744F1970EEC0FFA0
Created files:
C:\windows\system32\mssrv32.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\AFD\Parameters\DisableRawSecurity: 01000000
HKLM\System\CurrentControlSet\Services\msupdate\ImagePath: c:\windows\System32\mssrv32.exe
HKLM\System\CurrentControlSet\Services\msupdate\DisplayName: Microsoft security update service
HKLM\System\CurrentControlSet\Services\msupdate\Description: This service downloading and installing Windows security updates
HKLM\System\CurrentControlSet\Services\msupdate\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\msupdate\Start: 02000000
HKLM\System\CurrentControlSet\Services\msupdate\Type: 10000000
Detected by UnHackMe:
MSSRV32.EXE
Default location: %SYSDIR%\MSSRV32.EXE
Dropper information:
MD5: 162c8a584c208673744f1970eec0ffa0
File size: 22016 bytes