Solved! Use KSCAN.EXE (Backdoor Zegost) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

KSCAN.EXE – Backdoor Zegost removal

File MD5 Virus Alias
KSCAN.EXE 6b19ede2e10febff18219385758f013a Backdoor Zegost
KSCAN.EXE 6b19ede2e10febff18219385758f013a Trojan Eldorado
KSCAN.EXE 6b19ede2e10febff18219385758f013a Trojan Graftor
KSCAN.EXE 6b19ede2e10febff18219385758f013a Rootkit TDSS
KSCAN.EXE 6b19ede2e10febff18219385758f013a Trojan OnLineGames
KSCAN.EXE 6b19ede2e10febff18219385758f013a Worm Autorun

KSCAN.EXE size: 114688 bytes
KSCAN.EXE hash: 6B19EDE2E10FEBFF18219385758F013A

Created files:

%SysDir%\kscan.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run : %WinDir%\System32\kscan.exe
HKLM\System\CurrentControlSet\Services\Nationaljrq\Type: 10010000
HKLM\System\CurrentControlSet\Services\Nationaljrq\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationaljrq\DisplayName: Nationalyta Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationaljrq\ImagePath: %WinDir%\System32\kscan.exe
HKLM\System\CurrentControlSet\Services\Nationaljrq\Description: Providesmid a domain server for NI security.

Detected by UnHackMe:

KSCAN.EXE
Default location: %SYSDIR%\KSCAN.EXE

Dropper information:
MD5: 6b19ede2e10febff18219385758f013a
File size: 114688 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images