YWQEEU.EXE – Backdoor Xyligan

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

YWQEEU.EXE – Backdoor Xyligan removal

FileMD5Virus Alias
YWQEEU.EXE ab98e47694d417e535afb82721918181 Backdoor Xyligan
YWQEEU.EXE ab98e47694d417e535afb82721918181 Trojan ModifiedUPX
YWQEEU.EXE ab98e47694d417e535afb82721918181 Trojan SuspiciousFile
YWQEEU.EXE ab98e47694d417e535afb82721918181 Trojan XPACK
YWQEEU.EXE ab98e47694d417e535afb82721918181 Trojan Generic
YWQEEU.EXE ab98e47694d417e535afb82721918181 Trojan Agent

YWQEEU.EXE size: 422400 bytes
YWQEEU.EXE hash: AB98E47694D417E535AFB82721918181

Created files:

%SysDir%\ywqeeu.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\parksvc\Type: 10000000
HKLM\System\CurrentControlSet\Services\parksvc\Start: 02000000
HKLM\System\CurrentControlSet\Services\parksvc\DisplayName: parkte Command Service
HKLM\System\CurrentControlSet\Services\parksvc\ImagePath: %WinDir%\System32\ywqeeu.exe
HKLM\System\CurrentControlSet\Services\parksvc\Description: parkows Resource Kit

Detected by UnHackMe:

YWQEEU.EXE
Default location: %SYSDIR%\YWQEEU.EXE

Dropper information:
MD5: ab98e47694d417e535afb82721918181
File size: 422400 bytes

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images