Solved! Use YCH.SYS (Backdoor Koutodoor) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

YCH.SYS – Backdoor Koutodoor removal

File MD5 Virus Alias
YCH.SYS e2cefb50724f2ba4b87b2e2c31c2bf97 Backdoor Koutodoor
YCH.SYS e2cefb50724f2ba4b87b2e2c31c2bf97 Trojan Generic
YCH.SYS e2cefb50724f2ba4b87b2e2c31c2bf97 Trojan Eldorado
YCH.SYS e2cefb50724f2ba4b87b2e2c31c2bf97 Trojan Agent
YCH.SYS e2cefb50724f2ba4b87b2e2c31c2bf97 Trojan ZBot
YCH.SYS e2cefb50724f2ba4b87b2e2c31c2bf97 Trojan Crypt

YCH.SYS size: 41760 bytes
YCH.SYS hash: E2CEFB50724F2BA4B87B2E2C31C2BF97

Created files:

%SysDir%\drivers\ych.sys
%SysDir%\xvbb.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ych\Type: 01000000
HKLM\System\CurrentControlSet\Services\ych\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ych\DisplayName: ych
HKLM\System\CurrentControlSet\Services\ych\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C007900630068002E007300790073000000

Detected by UnHackMe:

YCH.SYS
Default location: %SYSDIR%\DRIVERS\YCH.SYS

Dropper information:
MD5: 73ad2c97502df46872f3758d2502d140
File size: 151808 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images