I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
YCEOCE.EXE – Backdoor Nitol removal
| File | MD5 | Virus Alias |
|---|---|---|
| YCEOCE.EXE | efcd82333e034fb0a30adfd114a96d28 | Backdoor Nitol |
| YCEOCE.EXE | efcd82333e034fb0a30adfd114a96d28 | Trojan SuspiciousFile |
| YCEOCE.EXE | efcd82333e034fb0a30adfd114a96d28 | Trojan Generic |
| YCEOCE.EXE | efcd82333e034fb0a30adfd114a96d28 | Trojan Eldorado |
| YCEOCE.EXE | efcd82333e034fb0a30adfd114a96d28 | Trojan Downloader |
| YCEOCE.EXE | efcd82333e034fb0a30adfd114a96d28 | Trojan CI |
YCEOCE.EXE size: 15872 bytes
YCEOCE.EXE hash: EFCD82333E034FB0A30ADFD114A96D28
Created files:
%SysDir%\yceoce.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\aspnet_statesqlc\Type: 10000000
HKLM\System\CurrentControlSet\Services\aspnet_statesqlc\Start: 02000000
HKLM\System\CurrentControlSet\Services\aspnet_statesqlc\DisplayName: ASP.NET State Servicesdce Transaction Coordinator Service
HKLM\System\CurrentControlSet\Services\aspnet_statesqlc\ImagePath: %WinDir%\System32\yceoce.exe
HKLM\System\CurrentControlSet\Services\aspnet_statesqlc\Description: Provides support for out-of-to-processvhr Transaction Coordinator Service.
Detected by UnHackMe:
YCEOCE.EXE
Default location: %SYSDIR%\YCEOCE.EXE
Dropper information:
MD5: efcd82333e034fb0a30adfd114a96d28
File size: 15872 bytes