Solved! Use VQPZGO.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

VQPZGO.EXE – Backdoor Nitol removal

File MD5 Virus Alias
VQPZGO.EXE f7cebb6c2d5e50fa348dc30837845e9c Backdoor Nitol
VQPZGO.EXE f7cebb6c2d5e50fa348dc30837845e9c Trojan SuspiciousFile
VQPZGO.EXE f7cebb6c2d5e50fa348dc30837845e9c Trojan Artemis
VQPZGO.EXE f7cebb6c2d5e50fa348dc30837845e9c Trojan XPACK
VQPZGO.EXE f7cebb6c2d5e50fa348dc30837845e9c Trojan Eldorado
VQPZGO.EXE f7cebb6c2d5e50fa348dc30837845e9c Trojan Graftor

VQPZGO.EXE size: 49152 bytes
VQPZGO.EXE hash: F7CEBB6C2D5E50FA348DC30837845E9C

Created files:

%WinDir%\vqpzgo.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Abcdef Hijklmno Qrs\Type: 10010000
HKLM\System\CurrentControlSet\Services\Abcdef Hijklmno Qrs\Start: 02000000
HKLM\System\CurrentControlSet\Services\Abcdef Hijklmno Qrs\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Abcdef Hijklmno Qrs\DisplayName: Abcdef Hijklmno Qrstuvwx Abcd
HKLM\System\CurrentControlSet\Services\Abcdef Hijklmno Qrs\ImagePath: %WinDir%\vqpzgo.exe

Detected by UnHackMe:

VQPZGO.EXE
Default location: %WinDir%\VQPZGO.EXE

Dropper information:
MD5: f7cebb6c2d5e50fa348dc30837845e9c
File size: 49152 bytes

Leave a Reply