I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
REGINV.DLL – Trojan-Ransom Winlock removal
File | MD5 | Virus Alias |
---|---|---|
REGINV.DLL | 562e0d01d6571fa2251a1e9f54c6cc69 | Trojan-Ransom Winlock |
REGINV.DLL | 562e0d01d6571fa2251a1e9f54c6cc69 | Trojan Generic |
REGINV.DLL | 562e0d01d6571fa2251a1e9f54c6cc69 | Trojan Agent |
REGINV.DLL | 562e0d01d6571fa2251a1e9f54c6cc69 | Backdoor IRCBot |
REGINV.DLL size: 36864 bytes
REGINV.DLL hash: 562E0D01D6571FA2251A1E9F54C6CC69
Created files:
%WinDir%\services.exe
%WinDir%\system\sservice.exe
%SysDir%\fservice.exe
%SysDir%\reginv.dll
%SysDir%\winkey.dll
Autostart registry keys:
HKLM\Software\Microsoft\Active Setup\Installed Components\{5Y99AE78-58TT-11dW-BE53-Y67078979Y}\StubPath: %WinDir%\System\sservice.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\DirectX For Microsoft? Windows: %WinDir%\System32\fservice.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe %WinDir%\System32\fservice.exe
Detected by UnHackMe:
REGINV.DLL
Default location: %SYSDIR%\REGINV.DLL
Dropper information:
MD5: 0290c24e95759489ec63ed6a64f6c06e
File size: 350764 bytes