mspdnx.dll - Dangerous
%sysdir%\mspdnx.dll
Manual removal instructions:
Antivirus Report of %sysdir%\mspdnx.dll:
%sysdir%\mspdnx.dll
mspdnx.dll is rootkit Trojan.Haxdoor-X.
mspdnx.dll is used to hide files, processes and registry.
mspdnx.dll is a kernel mode rootkit.
Rootkit contacts remote hacker server using HTTP session.
mspdnx.dll changed settings for Microsoft Internet Explorer.
Rootkit injects itself into any one of the following processes:
iexplore.exe
opera.exe
thebat.exe
outlook.exe
msn.exe
icq.exe
miranda.exe
Maxthon.exe
Firefox.exe
aol.exe
myie.exe
mozilla.exe
Rootkit creates new system drivers.
Related files:
%SysDir%\mspdnx.dll
%SysDir%\chgsprt.sys
%SysDir%\idchr2.dat
%SysDir%\headr2.dat
%SysDir%\chrr2.ini
%SysDir%\cmdfl2.dat
%SysDir%\tmpfile2.exe
Adds the value:
to the Windows startup registry keys.
Added to registry:
HKCU\Software\Microsoft\Internet Explorer\Main
HKCU\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
HKCU\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
HKCU\Software\Microsoft\Internet Explorer\Main\Search Page
HKCU\Software\Microsoft\Internet Explorer\Main\Start Page
HKLM\Software\Microsoft\Internet Explorer\Main\
HKLM\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
HKLM\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
HKLM\Software\Microsoft\Internet Explorer\Main\Search Page
HKLM\Software\Microsoft\Internet Explorer\Main\Start Page
HKLM\Software\Microsoft\Internet Explorer\Search
| %sysdir%\mspdnx.dll | Malware |
| %sysdir%\mspdnx.dll | Dangerous |
| %sysdir%\mspdnx.dll | High Risk |
mspdnx.dll is used to hide files, processes and registry.
mspdnx.dll is a kernel mode rootkit.
Rootkit contacts remote hacker server using HTTP session.
mspdnx.dll changed settings for Microsoft Internet Explorer.
Rootkit injects itself into any one of the following processes:
iexplore.exe
opera.exe
thebat.exe
outlook.exe
msn.exe
icq.exe
miranda.exe
Maxthon.exe
Firefox.exe
aol.exe
myie.exe
mozilla.exe
Rootkit creates new system drivers.
Related files:
%SysDir%\mspdnx.dll
%SysDir%\chgsprt.sys
%SysDir%\idchr2.dat
%SysDir%\headr2.dat
%SysDir%\chrr2.ini
%SysDir%\cmdfl2.dat
%SysDir%\tmpfile2.exe
Adds the value:
to the Windows startup registry keys.
Added to registry:
HKCU\Software\Microsoft\Internet Explorer\Main
HKCU\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
HKCU\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
HKCU\Software\Microsoft\Internet Explorer\Main\Search Page
HKCU\Software\Microsoft\Internet Explorer\Main\Start Page
HKLM\Software\Microsoft\Internet Explorer\Main\
HKLM\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
HKLM\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
HKLM\Software\Microsoft\Internet Explorer\Main\Search Page
HKLM\Software\Microsoft\Internet Explorer\Main\Start Page
HKLM\Software\Microsoft\Internet Explorer\Search
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.