WINFILTER.DLL is Trojan Undef

Detected by UnHackMe:

WINFILTER.DLL
Default location: %Common Appdata%\WinFilter\WinFilter.dll

Removal Results: Success
Number of reboot: 1

WINFILTER.DLL is known as:

Trojan.Undef

WINFILTER.DLL hash:

• MD5: d2bb6bc0fe29a62366e9c40566f4b548

Registry:

• HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{8c33f9f6}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\DOCUME~1\ALLUSE~1\APPLIC~1\WINFIL~1\WINFIL~1.DLL”,_uninstall /un”
• HKLM\System\CurrentControlSet\Services\8c33f9f6\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
• HKLM\System\CurrentControlSet\Services\8c33f9f6\Type: 0×00000010
• HKLM\System\CurrentControlSet\Services\8c33f9f6\Start: 0×00000002
• HKLM\System\CurrentControlSet\Services\8c33f9f6\ErrorControl: 0×00000000
• HKLM\System\CurrentControlSet\Services\8c33f9f6\ImagePath: “”%SysDir%\rundll32.exe” “c:\docume~1\alluse~1\applic~1\winfil~1\WinFilterSvc.dll”,service”
• HKLM\System\CurrentControlSet\Services\8c33f9f6\DisplayName: “WinFilter”
• HKLM\System\CurrentControlSet\Services\8c33f9f6\ObjectName: “LocalSystem”
• HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\docume~1\alluse~1\applic~1\winfil~1\winfil~1.dll”

Folders:

• %Common Appdata%\WinFilter

Files:

• %Temp%\__tmp_2e311bb1
• %Common Appdata%\WinFilter\WinFilter.dll
• %Common Appdata%\WinFilter\WinFilterSvc.dll