WINDLL.EXE – Trojan Sinowal

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

WINDLL.EXE – Trojan Sinowal removal

FileMD5Virus Alias
WINDLL.EXE 2db7d7c811f774135d087d059d7ec7e0 Trojan Sinowal
WINDLL.EXE 2db7d7c811f774135d087d059d7ec7e0 Trojan Generic!rem
WINDLL.EXE 2db7d7c811f774135d087d059d7ec7e0 Trojan Generic
WINDLL.EXE 2db7d7c811f774135d087d059d7ec7e0 Trojan MLW
WINDLL.EXE 2db7d7c811f774135d087d059d7ec7e0 Trojan Eldorado
WINDLL.EXE 2db7d7c811f774135d087d059d7ec7e0 Worm Autorun

WINDLL.EXE size: 287744 bytes
WINDLL.EXE hash: 2DB7D7C811F774135D087D059D7EC7E0

Created files:

%SysDir%\Winzip\Windll.exe

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{O30WE683-8O06-0DB2-20Y5-1056DYT2TYDD}\StubPath: %WinDir%\System32\Winzip\Windll.exe Restart
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00570069006E007A00690070005C00570069006E0064006C006C002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00570069006E007A00690070005C00570069006E0064006C006C002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00570069006E007A00690070005C00570069006E0064006C006C002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Windll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C00570069006E007A00690070005C00570069006E0064006C006C002E006500780065000000

Detected by UnHackMe:

WINDLL.EXE
Default location: %SYSDIR%\WINZIP\WINDLL.EXE

Dropper information:
MD5: 2db7d7c811f774135d087d059d7ec7e0
File size: 287744 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images