MSWZCSVC.DLL – Backdoor IRCBot

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

MSWZCSVC.DLL – Backdoor IRCBot removal

FileMD5Virus Alias
MSWZCSVC.DLL 417583cb8687c41f336f7d7013b89ec8 Backdoor IRCBot
MSWZCSVC.DLL 417583cb8687c41f336f7d7013b89ec8 Trojan WS.Reputation.1
MSWZCSVC.DLL 417583cb8687c41f336f7d7013b89ec8 Trojan SuspiciousFile
MSWZCSVC.DLL 417583cb8687c41f336f7d7013b89ec8 Trojan Agent

MSWZCSVC.DLL size: 167936 bytes
MSWZCSVC.DLL hash: 417583CB8687C41F336F7D7013B89EC8

Created files:

%WinDir%\System32\mswzcsvc.dll
%TEMP%\SVCHOST.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\6to4\SBIE_Win32ExitCode: 02000000
HKLM\System\CurrentControlSet\Services\WZCSVCkit\Type: 20000000
HKLM\System\CurrentControlSet\Services\WZCSVCkit\Start: 02000000
HKLM\System\CurrentControlSet\Services\WZCSVCkit\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\WZCSVCkit\DisplayName: WZCSVCkit
HKLM\System\CurrentControlSet\Services\WZCSVCkit\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\WZCSVCkit\Parameters\ServiceDll: 2500530079007300740065006D0052006F006F00740025005C00530079007300740065006D00330032005C006D00730077007A0063007300760063002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\WZCSVCkit\Parameters\ServiceMain: ServiceMain

Detected by UnHackMe:

MSWZCSVC.DLL
Default location: %SYSDIR%\MSWZCSVC.DLL

Dropper information:
MD5: 152b264288bcf5dc02222cee49587b8e
File size: 795136 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images