I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
SERV32.DLL – Trojan Crypt removal
| File | MD5 | Virus Alias |
|---|---|---|
| SERV32.DLL | 2c499a2e9c65606908bd2541f477c154 | Trojan Crypt |
| SERV32.DLL | 2c499a2e9c65606908bd2541f477c154 | Trojan Kryptik |
SERV32.DLL size: 206136 bytes
SERV32.DLL hash: 2C499A2E9C65606908BD2541F477C154
Created files:
%SysDir%\serv32.dll
Autostart registry keys:
HKLM\Software\Classes\CLSID\{C80535B6-D51C-F149-6FFD-DAFEDD5B0985}\InprocServer32 : c:\windows\System32\serv32.dll
HKLM\System\CurrentControlSet\Services\pqwuoyfs\ImagePath: 2500530079007300740065006D0052006F006F00740025005C00530079007300740065006D00330032005C0073007600630068006F00730074002E0065007800650020002D006B0020006E006500740073007600630073000000
HKLM\System\CurrentControlSet\Services\pqwuoyfs\Description: Remote Access PPPOE
HKLM\System\CurrentControlSet\Services\pqwuoyfs\DisplayName: Remote Access PPPOE Controller
HKLM\System\CurrentControlSet\Services\pqwuoyfs\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\pqwuoyfs\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\pqwuoyfs\Start: 02000000
HKLM\System\CurrentControlSet\Services\pqwuoyfs\Type: 20000000
HKLM\System\CurrentControlSet\Services\pqwuoyfs\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C007300650072007600330032002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\pqwuoyfs\Parameters\ServiceMain: DllRegisterServer
Detected by UnHackMe:
SERV32.DLL
Default location: %SYSDIR%\SERV32.DLL
Dropper information:
MD5: 323b7c1f741e3126b8e255bdbaca68e9
File size: 216212 bytes