I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
NTDOS44.ESN – Trojan Generic removal
| File | MD5 | Virus Alias |
|---|---|---|
| NTDOS44.ESN | f981b02b1bb519417f27066076e7ace3 | Trojan Generic |
| NTDOS44.ESN | f981b02b1bb519417f27066076e7ace3 | Trojan Agent |
NTDOS44.ESN size: 13056 bytes
NTDOS44.ESN hash: F981B02B1BB519417F27066076E7ACE3
Created files:
%SysDir%\6to432
%SysDir%\6to432.dll
%SysDir%\ntdos44.esn
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\6to4\Type: 20000000
HKLM\System\CurrentControlSet\Services\6to4\Start: 02000000
HKLM\System\CurrentControlSet\Services\6to4\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\6to4\DisplayName: 6to4
HKLM\System\CurrentControlSet\Services\6to4\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\6to4\Description: 6to4
HKLM\System\CurrentControlSet\Services\6to4\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00360074006F003400330032002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\net8139\Type: 01000000
HKLM\System\CurrentControlSet\Services\net8139\Start: 02000000
HKLM\System\CurrentControlSet\Services\net8139\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\net8139\DisplayName: net8139
HKLM\System\CurrentControlSet\Services\net8139\ImagePath: %WinDir%\System32\ntdos44.esn
Detected by UnHackMe:
NTDOS44.ESN
Default location: %SYSDIR%\NTDOS44.ESN
Dropper information:
MD5: d5e32f42cb935be7d7909139fdb484ff
File size: 20593 bytes