LCHLCI.EXE – Backdoor Nitol

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

LCHLCI.EXE – Backdoor Nitol removal

FileMD5Virus Alias
LCHLCI.EXE d7fe057391d569fede1d26353b321a4c Backdoor Nitol
LCHLCI.EXE d7fe057391d569fede1d26353b321a4c Trojan SuspiciousFile
LCHLCI.EXE d7fe057391d569fede1d26353b321a4c Trojan Eldorado
LCHLCI.EXE d7fe057391d569fede1d26353b321a4c Trojan Downloader
LCHLCI.EXE d7fe057391d569fede1d26353b321a4c Trojan Agent
LCHLCI.EXE d7fe057391d569fede1d26353b321a4c Trojan Jorik

LCHLCI.EXE size: 56832 bytes
LCHLCI.EXE hash: D7FE057391D569FEDE1D26353B321A4C

Created files:

%SysDir%\lchlci.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\DSLserveroay\Type: 10000000
HKLM\System\CurrentControlSet\Services\DSLserveroay\Start: 02000000
HKLM\System\CurrentControlSet\Services\DSLserveroay\DisplayName: DCOM Serverrua Process Launcher.
HKLM\System\CurrentControlSet\Services\DSLserveroay\ImagePath: %WinDir%\System32\lchlci.exe
HKLM\System\CurrentControlSet\Services\DSLserveroay\Description: DCOM Serverglt Process Launcher..

Detected by UnHackMe:

LCHLCI.EXE
Default location: %SYSDIR%\LCHLCI.EXE

Dropper information:
MD5: d7fe057391d569fede1d26353b321a4c
File size: 56832 bytes

Leave a Reply