Solved! Use IQCKQI.EXE (Backdoor Nitol) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

IQCKQI.EXE – Backdoor Nitol removal

FileMD5Virus Alias
IQCKQI.EXE 58f249ac2688296ca9022184f8e59f38 Backdoor Nitol
IQCKQI.EXE 58f249ac2688296ca9022184f8e59f38 Trojan Eldorado
IQCKQI.EXE 58f249ac2688296ca9022184f8e59f38 Trojan OnLineGames
IQCKQI.EXE 58f249ac2688296ca9022184f8e59f38 Trojan Agent
IQCKQI.EXE 58f249ac2688296ca9022184f8e59f38 Virus Sality
IQCKQI.EXE 58f249ac2688296ca9022184f8e59f38 Trojan Scar

IQCKQI.EXE size: 87040 bytes
IQCKQI.EXE hash: 58F249AC2688296CA9022184F8E59F38

Created files:

%SysDir%\gei33.dll
%SysDir%\iqckqi.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\aspneasdassejx\Type: 10000000
HKLM\System\CurrentControlSet\Services\aspneasdassejx\Start: 02000000
HKLM\System\CurrentControlSet\Services\aspneasdassejx\DisplayName: ASP.NET asdaasdn Coordinator Service
HKLM\System\CurrentControlSet\Services\aspneasdassejx\ImagePath: %WinDir%\System32\iqckqi.exe
HKLM\System\CurrentControlSet\Services\aspneasdassejx\Description: Provides suppasdafaso-processigb Transaction Coordinator Service.

Detected by UnHackMe:

IQCKQI.EXE
Default location: %SYSDIR%\IQCKQI.EXE

Dropper information:
MD5: 58f249ac2688296ca9022184f8e59f38
File size: 87040 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images