Gxvxcserv.sys
Gxvxcserv.sys is a trojan infection that poses a security threat to the compromised computer. Gxvxcserv.sys is a clone of the Trojan-Downloader.Win32.Agent.brpo parasite and specializes in hiding the presence of affiliated malicious applications. Gxvxcserv.sys uses backdoor techniques in order to sneak onto a computer, hiding in the background to avoid detection. Gxvxcserv.sys is known to disable the use of computer security utilities and prevents people from normal web-surfing activities. Gxvxcserv.sys spreads by copying itself onto removable hard drives, creating files that are executed each time the drive is accessed.
File System Modifications
- The following files were created in the system:
# File Name 1 %Windows%\System32\Drivers\gxvxcktkkyprqptakypnbgcklvrjbompjnvor.sys 2 %Windows%\System32\Drivers\gxvxcserv.sys 3 %Windows%\System32\Drivers\gxvxcuptybtxqtcecrexcspefjvlfndklxitn.SYS
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\System\Controlset001\Enum\legacy_gxvxcserv.sysHKEY_LOCAL_MACHINE\System\Controlset003\Enum\legacy_gxvxcserv.sysHKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\gxvxcserv.sys
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.