I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
Trojan DNSChanger
Also known as: Trojan Crypt
SHA256: 90ae540612e29ea31aaedb048448c5dbf04e10869c60aeca80e84a1ad012a5b8
SHA1: 0feaa4ef5800615c4ace47332a6dc61e5a943f05
MD5: 283b74c50c0a62c9273924418f84f7a9
File size: 810367 bytes
Created files:
%SysDir%\Microsoft2\pluguin.exe – Trojan DNSChanger
Trojan DNSChanger created autostart registry keys:
HKLM\Software\Microsoft\Active Setup\Installed Components\{3XIJYV5H-718E-L7XX-K6WS-8MV13XULGX13}\StubPath: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C004D006900630072006F0073006F006600740032005C0070006C0075006700750069006E002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\win32: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C004D006900630072006F0073006F006600740032005C0070006C0075006700750069006E002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\win32: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C004D006900630072006F0073006F006600740032005C0070006C0075006700750069006E002E006500780065000000