Solved! Use YGCCGW.EXE (Backdoor Nitol) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

YGCCGW.EXE – Backdoor Nitol removal

FileMD5Virus Alias
YGCCGW.EXE 98462525bdeffec21832decdcd48a6cb Backdoor Nitol
YGCCGW.EXE 98462525bdeffec21832decdcd48a6cb Trojan DLOADER
YGCCGW.EXE 98462525bdeffec21832decdcd48a6cb Trojan SuspiciousFile
YGCCGW.EXE 98462525bdeffec21832decdcd48a6cb Trojan Artemis
YGCCGW.EXE 98462525bdeffec21832decdcd48a6cb Trojan Generic
YGCCGW.EXE 98462525bdeffec21832decdcd48a6cb Trojan Eldorado

YGCCGW.EXE size: 94208 bytes
YGCCGW.EXE hash: 98462525BDEFFEC21832DECDCD48A6CB

Created files:

%SysDir%\ygccgw.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Pqrstu12 Wxyabcde Ghi\Type: 10000000
HKLM\System\CurrentControlSet\Services\Pqrstu12 Wxyabcde Ghi\Start: 02000000
HKLM\System\CurrentControlSet\Services\Pqrstu12 Wxyabcde Ghi\DisplayName: Pqrstu44 Wxyabcde Ghijklmn Pqrs
HKLM\System\CurrentControlSet\Services\Pqrstu12 Wxyabcde Ghi\ImagePath: %WinDir%\System32\ygccgw.exe
HKLM\System\CurrentControlSet\Services\Pqrstu12 Wxyabcde Ghi\Description: Pqrstuv41aw Yabcdefgh Jklmnop Rstuvwxy Bcd

Detected by UnHackMe:

YGCCGW.EXE
Default location: %SYSDIR%\YGCCGW.EXE

Dropper information:
MD5: 98462525bdeffec21832decdcd48a6cb
File size: 94208 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images