ADVANCED.EUDORA.EMAIL.RECOVERY.V2.0.INCL.KEYMAKER-ROGUE.EXE – Trojan ModifiedUPX removal
File | MD5 | Virus Alias |
---|---|---|
ADVANCED.EUDORA.EMAIL.RECOVERY.V2.0.INCL.KEYMAKER-ROGUE.EXE | cd5ec6bf1338dee33e7560017d4d178a | Trojan ModifiedUPX |
ADVANCED.EUDORA.EMAIL.RECOVERY.V2.0.INCL.KEYMAKER-ROGUE.EXE | cd5ec6bf1338dee33e7560017d4d178a | Trojan Generic |
ADVANCED.EUDORA.EMAIL.RECOVERY.V2.0.INCL.KEYMAKER-ROGUE.EXE | cd5ec6bf1338dee33e7560017d4d178a | Trojan Chifrax |
ADVANCED.EUDORA.EMAIL.RECOVERY.V2.0.INCL.KEYMAKER-ROGUE.EXE size: 1059753 bytes
ADVANCED.EUDORA.EMAIL.RECOVERY.V2.0.INCL.KEYMAKER-ROGUE.EXE hash: CD5EC6BF1338DEE33E7560017D4D178A
Created files:
%Program Files%\Ujav\Eriz\Oxecs.dll
%Program Files%\Ujav\Ocfze.exe
%Program Files%\Ujav\Pioah.exe
%TEMP%\g831\Advanced.Eudora.Email.Recovery.v2.0.Incl.Keymaker-ROGUE.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\OALX\Start: 02000000
HKLM\System\CurrentControlSet\Services\OALX\Type: 10000000
HKLM\System\CurrentControlSet\Services\OALX\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\OALX\Group: TDI
HKLM\System\CurrentControlSet\Services\OALX\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\OALX\ImagePath: %Program Files%\Ujav\Pioah.exe
Detected by UnHackMe:
ADVANCED.EUDORA.EMAIL.RECOVERY.V2.0.INCL.KEYMAKER-ROGUE.EXE
Default location: %TEMP%\G831\ADVANCED.EUDORA.EMAIL.RECOVERY.V2.0.INCL.KEYMAKER-ROGUE.EXE
Dropper information:
MD5: 3ed3a3a6bdcae08fef66c329e3093781
File size: 3004620 bytes