I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
NICRS9FT.SYS – Trojan Eldorado removal
File | MD5 | Virus Alias |
---|---|---|
NICRS9FT.SYS | 27fac4066c9c3e263b863ebc943482f6 | Trojan Eldorado |
NICRS9FT.SYS | 27fac4066c9c3e263b863ebc943482f6 | Trojan BadReputation |
NICRS9FT.SYS size: 6656 bytes
NICRS9FT.SYS hash: 27FAC4066C9C3E263B863EBC943482F6
Created files:
%SysDir%\NicrS9ft.sys
%SysDir%\ojrtysnv.dll
Autostart registry keys:
HKLM\System\CurrentControlSet\Control\Keyboard Layouts\E0200804\Ime File: OJRTYSNV.DLL
HKLM\System\CurrentControlSet\Control\Keyboard Layouts\E0200804\Layout Text: ????
HKLM\System\CurrentControlSet\Control\Keyboard Layouts\E0200804\Layout File: kbdus.dll
HKLM\System\CurrentControlSet\Services\NicrS9ft\Type: 01000000
HKLM\System\CurrentControlSet\Services\NicrS9ft\Start: 03000000
HKLM\System\CurrentControlSet\Services\NicrS9ft\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NicrS9ft\DisplayName: NicrS9ft
HKLM\System\CurrentControlSet\Services\NicrS9ft\ImagePath: %WinDir%\System32\NicrS9ft.sys
Detected by UnHackMe:
NICRS9FT.SYS
Default location: %SYSDIR%\NICRS9FT.SYS
Dropper information:
MD5: e1efde1d41e39e6fd89e514fc3c8498a
File size: 5128192 bytes