PHNIOX.DLL – Rootkit TDSS

Rootkits No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

PHNIOX.DLL – Rootkit TDSS removal

File MD5 Virus Alias
PHNIOX.DLL b5d64b33ea84638a1f79d2b82d0440b2 Rootkit TDSS
PHNIOX.DLL b5d64b33ea84638a1f79d2b82d0440b2 Trojan SuspiciousFile
PHNIOX.DLL b5d64b33ea84638a1f79d2b82d0440b2 Trojan Generic
PHNIOX.DLL b5d64b33ea84638a1f79d2b82d0440b2 Trojan OnLineGames
PHNIOX.DLL b5d64b33ea84638a1f79d2b82d0440b2 Trojan Magania

PHNIOX.DLL size: 82276 bytes
PHNIOX.DLL hash: B5D64B33EA84638A1F79D2B82D0440B2

Created files:

%SysDir%\Phniox.dll
%TEMP%\BY1840095
%TEMP%\BY1840907
%TEMP%\BY1841708
%TEMP%\BY1842519
%WinDir%\XxEfwPW.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\WS2IFSL\Type: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\Start: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\DisplayName: Windows Socket 2.0 Non-IFS Service Provider Support Environment
HKLM\System\CurrentControlSet\Services\WS2IFSL\ImagePath: \SystemRoot\System32\drivers\ws2ifsl.sys

Detected by UnHackMe:

PHNIOX.DLL
Default location: %SYSDIR%\PHNIOX.DLL

Dropper information:
MD5: 6784edf96bd705169566db260b665437
File size: 409600 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images