I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
EY30.EXE – Trojan SuspiciousFile removal
File | MD5 | Virus Alias |
---|---|---|
EY30.EXE | 60d466e6bd9098d09db48e6e756bb4b3 | Trojan SuspiciousFile |
EY30.EXE size: 100352 bytes
EY30.EXE hash: 60D466E6BD9098D09DB48E6E756BB4B3
Created files:
%Program Files%\MSN Gaming Zone\Windows\bckgzm.exe
%Program Files%\MSN Gaming Zone\Windows\chkrzm.exe
%Program Files%\NetMeeting\conf.afw
%Program Files%\NetMeeting\conf.exe
%SysDir%\taskmgr.exe
%SysDir%\Winkxmp.exe
%TEMP%\Etc33.exe
%TEMP%\Ey30.exe
%TEMP%\Gwy31.exe
%TEMP%\Xn2F.exe
%TEMP%\Xrm32.exe
\\VBOXSVR\in\Gouz.txt.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\Gnk0Js4\Type: 10010000
HKLM\System\CurrentControlSet\Services\Gnk0Js4\Start: 03000000
HKLM\System\CurrentControlSet\Services\Gnk0Js4\DisplayName: Gnk0Js4
HKLM\System\CurrentControlSet\Services\Gnk0Js4\ImagePath: \\VBOXSVR\in\Gouz.txt.exe
HKLM\System\CurrentControlSet\Services\Winkxmp\Type: 10010000
HKLM\System\CurrentControlSet\Services\Winkxmp\Start: 02000000
HKLM\System\CurrentControlSet\Services\Winkxmp\DisplayName: Winkxmp
HKLM\System\CurrentControlSet\Services\Winkxmp\ImagePath: %WinDir%\System32\Winkxmp.exe
Detected by UnHackMe:
EY30.EXE
Default location: %TEMP%\EY30.EXE
Dropper information:
MD5: ddb8a3ec1f7a8de8b502141a7af1df80
File size: 81376 bytes