ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE – Trojan BadReputation

ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE – Trojan BadReputation removal

File | MD5 | Virus Alias
ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE | 747d5117600b8c6763ce5af25367cbba | Trojan BadReputation
ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE | 747d5117600b8c6763ce5af25367cbba | Trojan SuspiciousFile
ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE | 747d5117600b8c6763ce5af25367cbba | Trojan Chifrax

ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE size: 19023692 bytes
ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE hash: 747D5117600B8C6763CE5AF25367CBBA

Created files:

%Program Files%\Nysa\Hiag.exe
%Program Files%\Nysa\Niux\Esfy.dll
%Program Files%\Nysa\Sozwe.exe
%TEMP%\g848\ACEBIT.HELLO.ENGINES.PROFESSIONAL.v6.7.0.0-GRB.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\OALX\Start: 02000000
HKLM\System\CurrentControlSet\Services\OALX\Type: 10000000
HKLM\System\CurrentControlSet\Services\OALX\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\OALX\Group: TDI
HKLM\System\CurrentControlSet\Services\OALX\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\OALX\ImagePath: %Program Files%\Nysa\Hiag.exe

Detected by UnHackMe:

ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE
Default location: %TEMP%\G848\ACEBIT.HELLO.ENGINES.PROFESSIONAL.V6.7.0.0-GRB.EXE

Dropper information:
MD5: 5042bf836b3d6b97d4115b9235270451
File size: 20968465 bytes
