I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
MXSF2.dll – Trojan Crypt removal
| File | Virus Alias |
|---|---|
| MXSF2.dll | Trojan Crypt |
| MXSF2.dll | Fake Antivirus Winwebsec |
| MXSF2.dll | Trojan DNAScan |
| MXSF2.dll | Trojan Downloader.Generic |
| MXSF2.dll | Trojan Agent |
| MXSF2.dll | Trojan Kryptik |
Created files:
%WinDir%\system\MXSF2.dll – Trojan Crypt
%WinDir%\system\T.exe – Trojan Crypt
%WinDir%\system\TaoAPI.dll – Trojan Crypt
Autostart registry keys:
HKLM\Software\Classes\CLSID\{0789CC3E-53C3-49D1-A41D-0A539E0D85F1}\InprocServer32 : %WinDir%\System\TaoAPI.dll
HKLM\System\CurrentControlSet\Services\6to4\Type: 20010000
HKLM\System\CurrentControlSet\Services\6to4\Start: 02000000
HKLM\System\CurrentControlSet\Services\6to4\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\6to4\DisplayName: 6to4
HKLM\System\CurrentControlSet\Services\6to4\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\6to4\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D005C004D0058005300460032002E0064006C006C000000
Detected by UnHackMe:
MXSF2.dll
Default location: %WinDir%\system\MXSF2.dll
Dropper information:
SHA256: 47db59660c6bc27587700517b9b0896d54d8e5c684c9fa04739f552b9f517bee
SHA1: 43c8f121ac1924c8f6532e4837866db5d7e3d0ca
MD5: 183766b1cc36134ee8e04d4ccefa70b6
File size: 176640 bytes