How to remove “UDS:Trojan.Win32.Inject.aolco”?

UDS:Trojan.Win32.Inject.aolco is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:Trojan.Win32.Inject.aolco virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • HTTPS URLs from behavior
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to identify UDS:Trojan.Win32.Inject.aolco?

File Info:

name: 4150BA03C74FD4C7C917.mlw
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2019-05-22 20:42:02

Version Info:

Company: NVIDIA Corporation
FileDescription: NVIDIA Smart Maximise Helper Host
FileVersion: 6.14.10.100.03
InternalName: NvSmartMaxapp64
LegalCopyright: (C) NVIDIA Corporation. All rights reserved.
OriginalFilename: NvSmartMaxapp64.dll
ProductName: NVIDIA Smart Maximise Helper Host version 100.03
ProductVersion: 6.14.10.100.03
Translation: 0x0409 0x04b0

UDS:Trojan.Win32.Inject.aolco also known as:

Lionic: Trojan.Win32.Inject.1b!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Trojan.GenericKD.62488286
FireEye: Trojan.GenericKD.62488286
ALYac: Trojan.GenericKD.62488286
Malwarebytes: Spyware.Fabookie
Zillya: Downloader.Agent.Win64.3749
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win64/Minerva.2bad2671
K7GW: Trojan-Downloader ( 0057fb801 )
K7AntiVirus: Trojan-Downloader ( 0057fb801 )
Cyren: W64/ABDownloader.FESZ-4539
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win64/TrojanDownloader.Agent.LI
Avast: FileRepMalware [Misc]
ClamAV: Win.Downloader.Upatre-9880459-0
Kaspersky: UDS:Trojan.Win32.Inject.aolco
BitDefender: Trojan.GenericKD.62488286
Tencent: Win64.Trojan-Downloader.Oader.Ssmw
Ad-Aware: Trojan.GenericKD.62488286
Emsisoft: Trojan.GenericKD.62488286 (B)
VIPRE: Trojan.GenericKD.62488286
TrendMicro: TROJ_GEN.R002C0PJ822
McAfee-GW-Edition: RDN/Generic Downloader.x
Sophos: Mal/Generic-S
Paloalto: generic.ml
GData: Trojan.GenericKD.62488286
Google: Detected
Avira: TR/YAV.Minerva.vjzpa
Antiy-AVL: Trojan/Generic.ASMalwS.77
Kingsoft: Win32.Troj.Undef.(kcloud)
Arcabit: Trojan.Generic.D3B97EDE
ZoneAlarm: UDS:Trojan.Win32.Inject.aolco
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
McAfee: RDN/Generic Downloader.x
MAX: malware (ai score=87)
TrendMicro-HouseCall: TROJ_GEN.R002C0PJ822
Rising: Downloader.Agent!8.B23 (CLOUD)
MaxSecure: Trojan.Malware.119972733.susgen
Fortinet: W64/Agent.LI!tr.dldr
AVG: FileRepMalware [Misc]
Panda: Trj/Chgt.AD

How to remove UDS:Trojan.Win32.Inject.aolco?

UDS:Trojan.Win32.Inject.aolco removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
