Solved! Use YGCCGW.EXE (Backdoor Nitol) Removal Guide

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal.

YGCCGW.EXE – Backdoor Nitol removal

File        MD5                               Virus alias
YGCCGW.EXE  fb13cec092850725fc2b8de55c6fc122  Backdoor Nitol
YGCCGW.EXE  fb13cec092850725fc2b8de55c6fc122  Trojan SuspiciousFile
YGCCGW.EXE  fb13cec092850725fc2b8de55c6fc122  Trojan Eldorado
YGCCGW.EXE  fb13cec092850725fc2b8de55c6fc122  Backdoor RBot
YGCCGW.EXE  fb13cec092850725fc2b8de55c6fc122  Trojan Magania
YGCCGW.EXE  fb13cec092850725fc2b8de55c6fc122  Trojan Agent

YGCCGW.EXE size: 37376 bytes
YGCCGW.EXE hash: FB13CEC092850725FC2B8DE55C6FC122

Created files:

%SysDir%\ygccgw.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Nationalajd\Type: 10000000
HKLM\System\CurrentControlSet\Services\Nationalajd\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationalajd\DisplayName: Nationalwpc Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationalajd\ImagePath: %WinDir%\System32\ygccgw.exe
HKLM\System\CurrentControlSet\Services\Nationalajd\Description: Providesmuo a domain server for NI security.

Detected by UnHackMe:

YGCCGW.EXE
Default location: %SYSDIR%\YGCCGW.EXE

Dropper information:
MD5: fb13cec092850725fc2b8de55c6fc122
File size: 37376 bytes
