Solved! Use XVBB.DLL (Backdoor Koutodoor) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

XVBB.DLL – Backdoor Koutodoor removal

FileMD5Virus Alias
XVBB.DLL c621b1bf25a017c65fde9036b3a8d08f Backdoor Koutodoor
XVBB.DLL c621b1bf25a017c65fde9036b3a8d08f Trojan Generic
XVBB.DLL c621b1bf25a017c65fde9036b3a8d08f Trojan Eldorado
XVBB.DLL c621b1bf25a017c65fde9036b3a8d08f Trojan Adload
XVBB.DLL c621b1bf25a017c65fde9036b3a8d08f Trojan Agent
XVBB.DLL c621b1bf25a017c65fde9036b3a8d08f Trojan Crypt

XVBB.DLL size: 65536 bytes
XVBB.DLL hash: C621B1BF25A017C65FDE9036B3A8D08F

Created files:

%SysDir%\drivers\ych.sys
%SysDir%\xvbb.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ych\Type: 01000000
HKLM\System\CurrentControlSet\Services\ych\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ych\DisplayName: ych
HKLM\System\CurrentControlSet\Services\ych\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C007900630068002E007300790073000000

Detected by UnHackMe:

XVBB.DLL
Default location: %SYSDIR%\XVBB.DLL

Dropper information:
MD5: 73ad2c97502df46872f3758d2502d140
File size: 151808 bytes

Leave a Reply