OMD5F.EXE – Trojan SuspiciousFile

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

OMD5F.EXE – Trojan SuspiciousFile removal

FileMD5Virus Alias
OMD5F.EXE 217751f1e267b81842f93cdf3e4ddcc0 Trojan SuspiciousFile
OMD5F.EXE 217751f1e267b81842f93cdf3e4ddcc0 Trojan Hllw

OMD5F.EXE size: 86695 bytes
OMD5F.EXE hash: 217751F1E267B81842F93CDF3E4DDCC0

Created files:

%Program Files%\MSN Gaming Zone\Windows\bckgzm.exe
%Program Files%\MSN Gaming Zone\Windows\chkrzm.exe
%Program Files%\NetMeeting\conf.kyu
%Program Files%\Windows NT\dialer.ucl
%SysDir%\Winkabw.exe
%TEMP%\Ech5B.exe
%TEMP%\Ek5C.exe
%TEMP%\Ibo5E.exe
%TEMP%\Igl5D.exe
%TEMP%\No5A.exe
%TEMP%\Omd5F.exe
%TEMP%\Wew60.exe
\\VBOXSVR\in\Yc.htm.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\I88081R25\Type: 10010000
HKLM\System\CurrentControlSet\Services\I88081R25\Start: 03000000
HKLM\System\CurrentControlSet\Services\I88081R25\DisplayName: I88081R25
HKLM\System\CurrentControlSet\Services\I88081R25\ImagePath: \\VBOXSVR\in\Yc.htm.exe
HKLM\System\CurrentControlSet\Services\Winkabw\Type: 10010000
HKLM\System\CurrentControlSet\Services\Winkabw\Start: 02000000
HKLM\System\CurrentControlSet\Services\Winkabw\DisplayName: Winkabw
HKLM\System\CurrentControlSet\Services\Winkabw\ImagePath: %WinDir%\System32\Winkabw.exe

Detected by UnHackMe:

OMD5F.EXE
Default location: %TEMP%\OMD5F.EXE

Dropper information:
MD5: 39ddb7a7c07133320f112d8de37119eb
File size: 79972 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images