The file WIN_SPOOL2.DLL is malware related.
You must delete the file WIN_SPOOL2.DLL immediately!
Delete the file WIN_SPOOL2.DLL without delay!
Kill the process WIN_SPOOL2.DLL and remove WIN_SPOOL2.DLL from the Windows startup.
Malware Analysis of WIN_SPOOL2.DLL
Full path on a computer: %SysDir%\win_spool2.dll
Detected by UnHackMe:
Item Name: win_spool2
Author:
Related File: %SysDir%\WIN_SPOOL2.DLL
Type: Winlogon Notification
Removal Results: Success
Number of reboot: 1
WIN_SPOOL2.DLL is known as:
Trojan.Spy.SCKeyLogger, Spyware ( 0000b10d1 ), Trojan.SCKeyLog.yznc, W32.SCkeylogger.D, Spyware.SCKeyLogger, SCKeylog.ANMD, Win32.SCKeyLog.U, TSPY_SCKEYLOG.P, Trojan.Spy.SCKeylog-2, Trojan-Spy.SCKeyLog.at, TrojanSpy.SCKeyLog.5xNnr18.WcI, Trojan.A.SCKeyLog.15360, TrojWare.Spy.SCKeyLog.O, Trojan.SCKeyLog.212, SC-KeyLog, TR.SCKeylog.H, Troj.SCKeyLog-O, TrojanSpy.SCKeyLog.l, Troj.SCKeyLog.o.(kcloud), TrojanSpy.SCKeyLog.O, Trojan.Agent.Gen, Win-Trojan.Keylogger.15360.D, W32.SCkeylogger.PDXH-9326, TrojanSpy.SCKeyLog, Trj.Rovaf.A, Win32.Spy.SCKeyLog.O, Trojan-Spy.SCKeyLog.O, W32.Keylog.SCLog.tr, Trojan.Spy.AV
WIN_SPOOL2.DLL hash:
- MD5: 9f770e0f52200fd51d243a73e1fe91a3
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\win_spool2: “%SysDir%\win_spool2.exe”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\win_spool2\DllName: “win_spool2.dll”
Files:- %Temp%\67-41
- %Temp%\ief1.tmp
- %SysDir%\2loops_niw.dat
- %SysDir%\win_spool2.dll
- %SysDir%\win_spool2.exe