I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
XMLPRVOR.DLL – Trojan OnLineGames removal
| File | MD5 | Virus Alias |
|---|---|---|
| XMLPRVOR.DLL | 1d40bca93759ef94f75c602fa335aa37 | Trojan OnLineGames |
| XMLPRVOR.DLL | 1d40bca93759ef94f75c602fa335aa37 | Trojan PcClient |
| XMLPRVOR.DLL | 1d40bca93759ef94f75c602fa335aa37 | Trojan Eldorado |
| XMLPRVOR.DLL | 1d40bca93759ef94f75c602fa335aa37 | Trojan Downloader |
| XMLPRVOR.DLL | 1d40bca93759ef94f75c602fa335aa37 | Backdoor PcClien |
| XMLPRVOR.DLL | 1d40bca93759ef94f75c602fa335aa37 | Backdoor Hupigon |
XMLPRVOR.DLL size: 15830567 bytes
XMLPRVOR.DLL hash: 1D40BCA93759EF94F75C602FA335AA37
Created files:
C:\Windows\System32\xmlprvor.dll
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\Type: 10000000
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\Start: 02000000
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\DisplayName: Network Provisioning Services
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\Description: Network Provisioning for Services…
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\Load_Path: E96B159D237A9D421C375B7A8A32B775.EXE
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\ConnectGroup: 3306
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\SBIE_Win32ExitCode: 02000000
Detected by UnHackMe:
XMLPRVOR.DLL
Default location: %SYSDIR%\XMLPRVOR.DLL
Dropper information:
MD5: e96b159d237a9d421c375b7a8a32b775
File size: 58605 bytes