Solved! Use UKWOGI.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

UKWOGI.EXE – Backdoor Nitol removal

FileMD5Virus Alias
UKWOGI.EXE 30d130ba3249569ed547b37346655e41 Backdoor Nitol
UKWOGI.EXE 30d130ba3249569ed547b37346655e41 Trojan SuspiciousFile
UKWOGI.EXE 30d130ba3249569ed547b37346655e41 Trojan Generic
UKWOGI.EXE 30d130ba3249569ed547b37346655e41 Trojan Downloader
UKWOGI.EXE 30d130ba3249569ed547b37346655e41 Trojan CI
UKWOGI.EXE 30d130ba3249569ed547b37346655e41 Trojan Magania

UKWOGI.EXE size: 28672 bytes
UKWOGI.EXE hash: 30D130BA3249569ED547B37346655E41

Created files:

%SysDir%\ukwogi.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\xicpVwxyab Defghijk Mno\Type: 10000000
HKLM\System\CurrentControlSet\Services\xicpVwxyab Defghijk Mno\Start: 02000000
HKLM\System\CurrentControlSet\Services\xicpVwxyab Defghijk Mno\DisplayName: xicp.Vwxyab Defghijk Mnopqrst Vwxy
HKLM\System\CurrentControlSet\Services\xicpVwxyab Defghijk Mno\ImagePath: %WinDir%\System32\ukwogi.exe
HKLM\System\CurrentControlSet\Services\xicpVwxyab Defghijk Mno\Description: xicpVwxyabcd Fghijklmn Pqrstuv Xyabcdef Hij

Detected by UnHackMe:

UKWOGI.EXE
Default location: %SYSDIR%\UKWOGI.EXE

Dropper information:
MD5: 30d130ba3249569ed547b37346655e41
File size: 28672 bytes

Leave a Reply