NKGHYDEV.JYC – Backdoor SubSeven

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

NKGHYDEV.JYC – Backdoor SubSeven removal

FileMD5Virus Alias
NKGHYDEV.JYC 995d98226ac0f19315587d3d579fdffb Backdoor SubSeven
NKGHYDEV.JYC 995d98226ac0f19315587d3d579fdffb Trojan Generic
NKGHYDEV.JYC 995d98226ac0f19315587d3d579fdffb Trojan Agent

NKGHYDEV.JYC size: 129200 bytes
NKGHYDEV.JYC hash: 995D98226AC0F19315587D3D579FDFFB

Created files:

%SysDir%\ajid.msm
%SysDir%\ckoq.opd
%SysDir%\drivers\etc\services
%SysDir%\fmtch.aui
%SysDir%\fxdbax.ocl
%SysDir%\llsotero.rqj
%SysDir%\lnvgpdj.exe
%SysDir%\lqybxuxo.oaj
%SysDir%\nkghydev.jyc
%SysDir%\qnrgbpy.oga
%SysDir%\rwyc.cnl
%SysDir%\srv32.exe

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\lnvgpdj\StubPath: %WinDir%\System32\lnvgpdj.exe

Detected by UnHackMe:

NKGHYDEV.JYC
Default location: %SYSDIR%\NKGHYDEV.JYC

Dropper information:
MD5: 1289cb9081b3188951ad7a023f352fc0
File size: 869007 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images