I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
SAFELYREMOVE.USB.SAFELY.REMOVE.V4.1.4.794.BETA.WIN2KXPVISTA.CRACKED-CRD.EXE – Trojan SuspiciousFile removal
| File | MD5 | Virus Alias |
|---|---|---|
| SAFELYREMOVE.USB.SAFELY.REMOVE.V4.1.4.794.BETA.WIN2KXPVISTA.CRACKED-CRD.EXE | 9c9f1f7d0f7e939a74c0dbc62fdb2eec | Trojan SuspiciousFile |
| SAFELYREMOVE.USB.SAFELY.REMOVE.V4.1.4.794.BETA.WIN2KXPVISTA.CRACKED-CRD.EXE | 9c9f1f7d0f7e939a74c0dbc62fdb2eec | Trojan Chifrax |
SAFELYREMOVE.USB.SAFELY.REMOVE.V4.1.4.794.BETA.WIN2KXPVISTA.CRACKED-CRD.EXE size: 4656533 bytes
SAFELYREMOVE.USB.SAFELY.REMOVE.V4.1.4.794.BETA.WIN2KXPVISTA.CRACKED-CRD.EXE hash: 9C9F1F7D0F7E939A74C0DBC62FDB2EEC
Created files:
%Program Files%\Yqaxu\Icicy.exe
%Program Files%\Yqaxu\Ioicw.exe
%Program Files%\Yqaxu\Iuxn\Ioik.dll
%TEMP%\g8C7\SafelyRemove.USB.Safely.Remove.v4.1.4.794.BETA.Win2kXPVista.Cracked-CRD.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\OALX\Start: 02000000
HKLM\System\CurrentControlSet\Services\OALX\Type: 10000000
HKLM\System\CurrentControlSet\Services\OALX\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\OALX\Group: TDI
HKLM\System\CurrentControlSet\Services\OALX\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\OALX\ImagePath: %Program Files%\Yqaxu\Ioicw.exe
Detected by UnHackMe:
SAFELYREMOVE.USB.SAFELY.REMOVE.V4.1.4.794.BETA.WIN2KXPVISTA.CRACKED-CRD.EXE
Default location: %TEMP%\G8C7\SAFELYREMOVE.USB.SAFELY.REMOVE.V4.1.4.794.BETA.WIN2KXPVISTA.CRACKED-CRD.EXE
Dropper information:
MD5: da59ceca34de9de680aac4317947b4c2
File size: 6601350 bytes