PGVDCK.EXE – Backdoor Nitol


PGVDCK.EXE – Backdoor Nitol removal

File        MD5                               Virus Alias
PGVDCK.EXE  3fc10a541b1a3e07274a24b035d11167  Backdoor Nitol
PGVDCK.EXE  3fc10a541b1a3e07274a24b035d11167  Trojan SuspiciousFile
PGVDCK.EXE  3fc10a541b1a3e07274a24b035d11167  Trojan Generic
PGVDCK.EXE  3fc10a541b1a3e07274a24b035d11167  Trojan Eldorado
PGVDCK.EXE  3fc10a541b1a3e07274a24b035d11167  Trojan Downloader
PGVDCK.EXE  3fc10a541b1a3e07274a24b035d11167  Trojan CI

PGVDCK.EXE size: 46592 bytes
PGVDCK.EXE hash: 3FC10A541B1A3E07274A24B035D11167

Created files:

%SysDir%\pgvdck.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\aspnet_statessdr\Type: 10000000
HKLM\System\CurrentControlSet\Services\aspnet_statessdr\Start: 02000000
HKLM\System\CurrentControlSet\Services\aspnet_statessdr\DisplayName: ASP.NET State Serviceshix Transaction Coordinator Service
HKLM\System\CurrentControlSet\Services\aspnet_statessdr\ImagePath: %WinDir%\System32\pgvdck.exe
HKLM\System\CurrentControlSet\Services\aspnet_statessdr\Description: Provides support for out-of-to-processrkv Transaction Coordinator Service.

Detected by UnHackMe:

PGVDCK.EXE
Default location: %SYSDIR%\PGVDCK.EXE

Dropper information:
MD5: 3fc10a541b1a3e07274a24b035d11167
File size: 46592 bytes
