Solved! CGOEGM.EXE (Backdoor Nitol) Removal Guide

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal.


CGOEGM.EXE – Backdoor Nitol removal

File        MD5                               Virus Alias
CGOEGM.EXE  0d241930433135febb63a1c7a91c1366  Backdoor Nitol
CGOEGM.EXE  0d241930433135febb63a1c7a91c1366  Trojan, Suspicious File
CGOEGM.EXE  0d241930433135febb63a1c7a91c1366  Trojan Artemis
CGOEGM.EXE  0d241930433135febb63a1c7a91c1366  Trojan Eldorado
CGOEGM.EXE  0d241930433135febb63a1c7a91c1366  Trojan Downloader
CGOEGM.EXE  0d241930433135febb63a1c7a91c1366  Worm MyDoom

CGOEGM.EXE size: 21504 bytes
CGOEGM.EXE hash: 0D241930433135FEBB63A1C7A91C1366

Created files:

%WinDir%\cgoegm.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Abcdef Hijkgwrglmno Qrs\Type: 10010000
HKLM\System\CurrentControlSet\Services\Abcdef Hijkgwrglmno Qrs\Start: 02000000
HKLM\System\CurrentControlSet\Services\Abcdef Hijkgwrglmno Qrs\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Abcdef Hijkgwrglmno Qrs\DisplayName: Abcdef Hijklmno grgrQrstuvwx Abcd
HKLM\System\CurrentControlSet\Services\Abcdef Hijkgwrglmno Qrs\ImagePath: %WinDir%\cgoegm.exe
HKLM\System\CurrentControlSet\Services\Abcdef Hijkgwrglmno Qrs\Description: Abcdefgh Jklmnopqrgrgr Tuvwxya Cdefghij Lmn

Detected by UnHackMe:

CGOEGM.EXE
Default location: %WinDir%\CGOEGM.EXE

Dropper information:
MD5: 0d241930433135febb63a1c7a91c1366
File size: 21504 bytes
