Solved! Use XMLPRVOR.DLL (Trojan OnLineGames) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

XMLPRVOR.DLL – Trojan OnLineGames removal

File MD5 Virus Alias
XMLPRVOR.DLL 1d40bca93759ef94f75c602fa335aa37 Trojan OnLineGames
XMLPRVOR.DLL 1d40bca93759ef94f75c602fa335aa37 Trojan PcClient
XMLPRVOR.DLL 1d40bca93759ef94f75c602fa335aa37 Trojan Eldorado
XMLPRVOR.DLL 1d40bca93759ef94f75c602fa335aa37 Trojan Downloader
XMLPRVOR.DLL 1d40bca93759ef94f75c602fa335aa37 Backdoor PcClien
XMLPRVOR.DLL 1d40bca93759ef94f75c602fa335aa37 Backdoor Hupigon

XMLPRVOR.DLL size: 15830567 bytes
XMLPRVOR.DLL hash: 1D40BCA93759EF94F75C602FA335AA37

Created files:

C:\Windows\System32\xmlprvor.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\xmlprvorjrq\Type: 10000000
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\Start: 02000000
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\DisplayName: Network Provisioning Services
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\Description: Network Provisioning for Services…
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\Load_Path: E96B159D237A9D421C375B7A8A32B775.EXE
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\ConnectGroup: 3306
HKLM\System\CurrentControlSet\Services\xmlprvorjrq\SBIE_Win32ExitCode: 02000000

Detected by UnHackMe:

XMLPRVOR.DLL
Default location: %SYSDIR%\XMLPRVOR.DLL

Dropper information:
MD5: e96b159d237a9d421c375b7a8a32b775
File size: 58605 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images