OLEXMLPROV.DLL – Trojan Agent

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

OLEXMLPROV.DLL – Trojan Agent removal

FileMD5Virus Alias
OLEXMLPROV.DLL d1782106b81464ce0866772d4f494a87 Trojan Agent
OLEXMLPROV.DLL d1782106b81464ce0866772d4f494a87 Trojan SuspiciousFile
OLEXMLPROV.DLL d1782106b81464ce0866772d4f494a87 Trojan Generic
OLEXMLPROV.DLL d1782106b81464ce0866772d4f494a87 Trojan Downloader
OLEXMLPROV.DLL d1782106b81464ce0866772d4f494a87 Trojan CI
OLEXMLPROV.DLL d1782106b81464ce0866772d4f494a87 Worm AMN

OLEXMLPROV.DLL size: 166912 bytes
OLEXMLPROV.DLL hash: D1782106B81464CE0866772D4F494A87

Created files:

%WinDir%\System32\olexmlprov.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\6to4\SBIE_Win32ExitCode: 02000000
HKLM\System\CurrentControlSet\Services\xmlprovkit\Type: 20000000
HKLM\System\CurrentControlSet\Services\xmlprovkit\Start: 02000000
HKLM\System\CurrentControlSet\Services\xmlprovkit\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\xmlprovkit\DisplayName: xmlprovkit
HKLM\System\CurrentControlSet\Services\xmlprovkit\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\xmlprovkit\Parameters\ServiceDll: 2500530079007300740065006D0052006F006F00740025005C00530079007300740065006D00330032005C006F006C00650078006D006C00700072006F0076002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\xmlprovkit\Parameters\ServiceMain: ServiceMain

Detected by UnHackMe:

OLEXMLPROV.DLL
Default location: %SYSDIR%\OLEXMLPROV.DLL

Dropper information:
MD5: f0c4892e5a7ebb7107e906cc3deee1d5
File size: 717824 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images