GOCLEAR.EXE – Backdoor Zegost

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

GOCLEAR.EXE – Backdoor Zegost removal

FileMD5Virus Alias
GOCLEAR.EXE 5a331b85ac349ad40555a6822e02a608 Backdoor Zegost
GOCLEAR.EXE 5a331b85ac349ad40555a6822e02a608 Trojan PcClient
GOCLEAR.EXE 5a331b85ac349ad40555a6822e02a608 Trojan SuspiciousFile
GOCLEAR.EXE 5a331b85ac349ad40555a6822e02a608 Trojan Generic
GOCLEAR.EXE 5a331b85ac349ad40555a6822e02a608 Trojan Eldorado
GOCLEAR.EXE 5a331b85ac349ad40555a6822e02a608 Backdoor RBot

GOCLEAR.EXE size: 90112 bytes
GOCLEAR.EXE hash: 5A331B85AC349AD40555A6822E02A608

Created files:

%SysDir%\Goclear.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Windows DPCDS V2\Type: 10000000
HKLM\System\CurrentControlSet\Services\Windows DPCDS V2\Start: 02000000
HKLM\System\CurrentControlSet\Services\Windows DPCDS V2\DisplayName: Windows DPCDS V2 Server 1.0
HKLM\System\CurrentControlSet\Services\Windows DPCDS V2\ImagePath: %WinDir%\System32\Goclear.exe
HKLM\System\CurrentControlSet\Services\Windows DPCDS V2\Description: This is Windows DPCDS V2 Server 1.0

Detected by UnHackMe:

GOCLEAR.EXE
Default location: %SYSDIR%\GOCLEAR.EXE

Dropper information:
MD5: 5a331b85ac349ad40555a6822e02a608
File size: 90112 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images