DXAxHost.dll – Trojan Agent

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

DXAxHost.dll – Trojan Agent removal

FileVirus Alias
DXAxHost.dll Trojan Agent
DXAxHost.dll Trojan Generic

Created files:

%WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\0CDF80DF3D5695D1B24E35F7E13E0E5B.EXE – Trojan Agent
%WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\AppData\{BFA17919-BB1B-4A23-BC7C-AC0DD6E5843B}.DXScript2 – Trojan Agent
%WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll – Trojan Agent
%WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXStart.dll – Trojan Agent

Autostart registry keys:

HKLM\Software\Classes\CLSID\{0CB13FC5-EFA6-400F-9F32-235193A2D8C1}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{0CB13FC5-EFA6-400F-9F32-235193A2D8C1}\InprocServer32\ThreadingModel: Both
HKLM\Software\Classes\CLSID\{1251C89E-C28B-4523-934C-B8C25550AF8B}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{3591BCCA-6D3A-4C9E-9890-5EB6561D903E}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{75328D64-87CF-4848-A831-35DEAFE27822}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{7A233969-A455-4641-90B7-23F904A0AF2A}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{7A233969-A455-4641-90B7-23F904A0AF2A}\InprocServer32\ThreadingModel: Both
HKLM\Software\Classes\CLSID\{80A21AA6-7EFA-496F-8369-2E813E25B97B}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{80A21AA6-7EFA-496F-8369-2E813E25B97B}\InprocServer32\ThreadingModel: Both
HKLM\Software\Classes\CLSID\{871E56B6-59E6-48D9-AB00-85F66765ABC2}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{AB9FA086-83C4-4F56-B614-77CA8C349270}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{D59CF868-3464-49D3-9A96-3E6890EDC7E8}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{D8650B19-884F-43B6-A1F4-23A3156F7671}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll
HKLM\Software\Classes\CLSID\{D8650B19-884F-43B6-A1F4-23A3156F7671}\InprocServer32\ThreadingModel: Both
HKLM\Software\Classes\CLSID\{E745B262-93B6-4630-B26E-4E0CD4C435EC}\InprocServer32 : %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll

Detected by UnHackMe:

DXAxHost.dll
Default location: %WinDir%\TEMP\{64B0052E-1E5C-4046-95BB-C6172D1F766B}\SDPlugins\DXAxHost.dll

Dropper information:
SHA256: 988a5baa707aea8b20d4751e3034f97194d830066d7312642273e04ee1a4f923
SHA1: 3475994eafb696533329d892e61dfbdff5b415d9
MD5: 0cdf80df3d5695d1b24e35f7e13e0e5b
File size: 573952 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images