LCVDCY.EXE – Backdoor Nitol


LCVDCY.EXE – Backdoor Nitol removal

File        MD5                               Virus Alias
LCVDCY.EXE  684eb060563377e3d3e1772f1dc5761c  Backdoor Nitol
LCVDCY.EXE  684eb060563377e3d3e1772f1dc5761c  Trojan SuspiciousFile
LCVDCY.EXE  684eb060563377e3d3e1772f1dc5761c  Trojan Eldorado
LCVDCY.EXE  684eb060563377e3d3e1772f1dc5761c  Backdoor RBot
LCVDCY.EXE  684eb060563377e3d3e1772f1dc5761c  Trojan Downloader
LCVDCY.EXE  684eb060563377e3d3e1772f1dc5761c  Trojan Agent

LCVDCY.EXE size: 71168 bytes
LCVDCY.EXE hash: 684EB060563377E3D3E1772F1DC5761C

Created files:

%SysDir%\gei33.dll
%SysDir%\lcvdcy.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\aspnet_states\Type: 10000000
HKLM\System\CurrentControlSet\Services\aspnet_states\Start: 02000000
HKLM\System\CurrentControlSet\Services\aspnet_states\DisplayName: ASP.NET State Services
HKLM\System\CurrentControlSet\Services\aspnet_states\ImagePath: %WinDir%\System32\lcvdcy.exe
HKLM\System\CurrentControlSet\Services\aspnet_states\Description: Provides support for out-of-to-process

Detected by UnHackMe:

LCVDCY.EXE
Default location: %SYSDIR%\LCVDCY.EXE

Dropper information:
MD5: 39a4c9e6d33894bf43552ccabe7773d7
File size: 80896 bytes
