Solved! IMVIA.DLL (Backdoor Hupigon) Removal Guide

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal. It has a fully functional 30-day trial, and no credit card is required.

IMVIA.DLL – Backdoor Hupigon removal

File       MD5                               Virus Alias
IMVIA.DLL  396f8dfe203821e8f7ba66d1cbab778d  Backdoor Hupigon
IMVIA.DLL  396f8dfe203821e8f7ba66d1cbab778d  Trojan Generic
IMVIA.DLL  396f8dfe203821e8f7ba66d1cbab778d  Trojan Eldorado
IMVIA.DLL  396f8dfe203821e8f7ba66d1cbab778d  Backdoor Pigeon
IMVIA.DLL  396f8dfe203821e8f7ba66d1cbab778d  Trojan Agent
IMVIA.DLL  396f8dfe203821e8f7ba66d1cbab778d  Trojan Delf

IMVIA.DLL size: 872836 bytes
IMVIA.DLL hash: 396F8DFE203821E8F7BA66D1CBAB778D

Created files:

%Program Files%\Mejr\Czze.exe
%Program Files%\Mejr\Fuvqp\Imvia.dll
%Program Files%\Mejr\Wzays.exe
%Temp%\g823\Videomach.v5.5.1.Professional.Cracked-F4CG.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\OALX\Start: 02000000
HKLM\System\CurrentControlSet\Services\OALX\Type: 10000000
HKLM\System\CurrentControlSet\Services\OALX\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\OALX\Group: TDI
HKLM\System\CurrentControlSet\Services\OALX\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\OALX\ImagePath: %Program Files%\Mejr\Czze.exe

Detected by UnHackMe:

IMVIA.DLL
Default location: %PROGRAM FILES%\MEJR\FUVQP\IMVIA.DLL

Dropper information:
MD5: 707d3534161c156a6075a49c0d7a0b7e
File size: 6566199 bytes
