Backdoor Nitol – cgwggg.exe – 2e41110a365ecaa9c6f9fe1845adc9d9


Backdoor Nitol
Also known as: Backdoor RBot, Trojan Generic
SHA256: 97338a2d7171b30ffa266a9243d646d5bcbebf8df0951451d6456502465dca14
SHA1: 6922c41eb5306cc6ac3aef606655aadf43135a91
MD5: 2e41110a365ecaa9c6f9fe1845adc9d9
File size: 454479 bytes

Created files:

%WinDir%\cgwggg.exe – Backdoor Nitol

Backdoor Nitol created autostart registry keys:

HKLM\System\CurrentControlSet\Services\DSLserveryii\Type: 10000000
HKLM\System\CurrentControlSet\Services\DSLserveryii\Start: 02000000
HKLM\System\CurrentControlSet\Services\DSLserveryii\DisplayName: DCOM Serveribt Process Launcher.
HKLM\System\CurrentControlSet\Services\DSLserveryii\ImagePath: %WinDir%\cgwggg.exe
HKLM\System\CurrentControlSet\Services\DSLserveryii\Description: DCOM Serverwry Process Launcher..
