WMPCOLEF.DLL – Trojan Agent


WMPCOLEF.DLL – Trojan Agent removal

File          MD5                               Virus Alias
WMPCOLEF.DLL  2abaad4267a89f78769bc4c082bbb6d0  Trojan Agent
WMPCOLEF.DLL  2abaad4267a89f78769bc4c082bbb6d0  Trojan Generic
WMPCOLEF.DLL  2abaad4267a89f78769bc4c082bbb6d0  Trojan Eldorado
WMPCOLEF.DLL  2abaad4267a89f78769bc4c082bbb6d0  Trojan CI

WMPCOLEF.DLL size: 212992 bytes
WMPCOLEF.DLL hash: 2ABAAD4267A89F78769BC4C082BBB6D0

Created files:

%SysDir%\wmpcolef.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\EventLogCopy\Type: 10000000
HKLM\System\CurrentControlSet\Services\EventLogCopy\Start: 02000000
HKLM\System\CurrentControlSet\Services\EventLogCopy\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\EventLogCopy\DisplayName: Wbem Event Log Copy
HKLM\System\CurrentControlSet\Services\EventLogCopy\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\EventLogCopy\SBIE_Win32ExitCode: 02000000
HKLM\System\CurrentControlSet\Services\EventLogCopy\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0077006D00700063006F006C00650066002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\MaxHashTableSize: 00080000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\MaxUserPort: FEFF0000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions: 02000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpTimedWaitDelay: 1E000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TCPFinWait2Delay: 1E000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxPortsExhausted: 05000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxHalfOpen: 00050000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxHalfOpenRetried: 00040000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions: 0A000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime: E0930400
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveInterval: E8030000

Detected by UnHackMe:

WMPCOLEF.DLL
Default location: %SYSDIR%\WMPCOLEF.DLL

Dropper information:
MD5: 1e6dbbcbd854b3fd093714e44f00c16c
File size: 303104 bytes
