I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
IQYIQO.EXE – Backdoor Xyligan removal
| File | MD5 | Virus Alias |
|---|---|---|
| IQYIQO.EXE | 8ef9e918f64867221b2eccb09a9245f0 | Backdoor Xyligan |
| IQYIQO.EXE | 8ef9e918f64867221b2eccb09a9245f0 | Trojan Artemis |
| IQYIQO.EXE | 8ef9e918f64867221b2eccb09a9245f0 | Trojan Generic |
| IQYIQO.EXE | 8ef9e918f64867221b2eccb09a9245f0 | Trojan Eldorado |
| IQYIQO.EXE | 8ef9e918f64867221b2eccb09a9245f0 | Backdoor RBot |
| IQYIQO.EXE | 8ef9e918f64867221b2eccb09a9245f0 | Trojan Downloader |
IQYIQO.EXE size: 350645 bytes
IQYIQO.EXE hash: 8EF9E918F64867221B2ECCB09A9245F0
Created files:
%SysDir%\gei33.dll
%SysDir%\iqyiqo.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\netscvre\Type: 10000000
HKLM\System\CurrentControlSet\Services\netscvre\Start: 02000000
HKLM\System\CurrentControlSet\Services\netscvre\DisplayName: NT LM Security Support Providers
HKLM\System\CurrentControlSet\Services\netscvre\ImagePath: %WinDir%\System32\iqyiqo.exe
HKLM\System\CurrentControlSet\Services\netscvre\Description: NT LM Security Support Providers
Detected by UnHackMe:
IQYIQO.EXE
Default location: %SYSDIR%\IQYIQO.EXE
Dropper information:
MD5: 8ef9e918f64867221b2eccb09a9245f0
File size: 350645 bytes