Solved! Use YHDTJ.SYS (Backdoor Koutodoor) Removal Guide

I recommend UnHackMe (Ultimate Malware Killer) for fast malware removal. A fully functional 30-day trial is available; no credit card is required.

YHDTJ.SYS – Backdoor Koutodoor removal

File       MD5                               Virus Alias
YHDTJ.SYS  412cd18e975e4e1e8a4533d44cbdf620  Backdoor Koutodoor
YHDTJ.SYS  412cd18e975e4e1e8a4533d44cbdf620  Trojan Generic
YHDTJ.SYS  412cd18e975e4e1e8a4533d44cbdf620  Trojan Eldorado
YHDTJ.SYS  412cd18e975e4e1e8a4533d44cbdf620  Worm AMN
YHDTJ.SYS  412cd18e975e4e1e8a4533d44cbdf620  Trojan Siggen
YHDTJ.SYS  412cd18e975e4e1e8a4533d44cbdf620  Trojan Agent

YHDTJ.SYS size: 38432 bytes
YHDTJ.SYS hash: 412CD18E975E4E1E8A4533D44CBDF620

Created files:

%SysDir%\drivers\yhdtj.sys
%SysDir%\zwouc.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\yhdtj\Type: 01000000
HKLM\System\CurrentControlSet\Services\yhdtj\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\yhdtj\DisplayName: yhdtj
HKLM\System\CurrentControlSet\Services\yhdtj\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C0079006800640074006A002E007300790073000000

Detected by UnHackMe:

YHDTJ.SYS
Default location: %SYSDIR%\DRIVERS\YHDTJ.SYS

Dropper information:
MD5: 0f55c96d203d171e3801bb974488a316
File size: 123136 bytes
