I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
PREFETCH2473800.DLL – Trojan Magania removal
| File | MD5 | Virus Alias |
|---|---|---|
| PREFETCH2473800.DLL | 63a131f0d694938caa738802e32a0343 | Trojan Magania |
| PREFETCH2473800.DLL | 63a131f0d694938caa738802e32a0343 | Trojan Lineage |
| PREFETCH2473800.DLL | 63a131f0d694938caa738802e32a0343 | Trojan Generic |
| PREFETCH2473800.DLL | 63a131f0d694938caa738802e32a0343 | Trojan Eldorado |
| PREFETCH2473800.DLL | 63a131f0d694938caa738802e32a0343 | Trojan Downloader |
| PREFETCH2473800.DLL | 63a131f0d694938caa738802e32a0343 | Trojan Graftor |
PREFETCH2473800.DLL size: 138752 bytes
PREFETCH2473800.DLL hash: 63A131F0D694938CAA738802E32A0343
Created files:
C:\Net-mysql.sql
C:\windows\Prefetch2473800.dll
%UserProfile%\local settings\temp\4F8C16EC
%UserProfile%\local settings\temp\unins000.sfx.exe
%UserProfile%\local settings\temp\Update.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\Please Input Service Name\Type: 10010000
HKLM\System\CurrentControlSet\Services\Please Input Service Name\Start: 02000000
HKLM\System\CurrentControlSet\Services\Please Input Service Name\DisplayName: Please Input Service Display
HKLM\System\CurrentControlSet\Services\Please Input Service Name\ImagePath: %SystemRoot%\System32\svchost.exe -k imgsvc
HKLM\System\CurrentControlSet\Services\RemoteAccess\RouterManagers\Ip\PkgGs: 43003A005C00770069006E0064006F00770073005C005000720065006600650074006300680032003400370033003800300030002E0064006C006C000000
Detected by UnHackMe:
PREFETCH2473800.DLL
Default location: %WinDir%\PREFETCH2473800.DLL
Dropper information:
MD5: 43a1bcaec5e957ba61f6be587c0326d1
File size: 1392327 bytes