MSSRV32.EXE – Trojan Downloader

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

MSSRV32.EXE – Trojan Downloader removal

FileMD5Virus Alias
MSSRV32.EXE 1df0ceab582ae94c83d7d2c79389e178 Trojan Downloader
MSSRV32.EXE 1df0ceab582ae94c83d7d2c79389e178 Backdoor RBot
MSSRV32.EXE 1df0ceab582ae94c83d7d2c79389e178 Trojan Agent
MSSRV32.EXE 1df0ceab582ae94c83d7d2c79389e178 Trojan Small

MSSRV32.EXE size: 22016 bytes
MSSRV32.EXE hash: 1DF0CEAB582AE94C83D7D2C79389E178

Created files:

C:\windows\system32\mssrv32.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\AFD\Parameters\DisableRawSecurity: 01000000
HKLM\System\CurrentControlSet\Services\msupdate\ImagePath: c:\windows\System32\mssrv32.exe
HKLM\System\CurrentControlSet\Services\msupdate\DisplayName: Microsoft security update service
HKLM\System\CurrentControlSet\Services\msupdate\Description: This service downloading and installing Windows security updates
HKLM\System\CurrentControlSet\Services\msupdate\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\msupdate\Start: 02000000
HKLM\System\CurrentControlSet\Services\msupdate\Type: 10000000

Detected by UnHackMe:

MSSRV32.EXE
Default location: %SYSDIR%\MSSRV32.EXE

Dropper information:
MD5: 1df0ceab582ae94c83d7d2c79389e178
File size: 22016 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images