NICRS9FT.SYS – Trojan Eldorado

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

NICRS9FT.SYS – Trojan Eldorado removal

FileMD5Virus Alias
NICRS9FT.SYS 27fac4066c9c3e263b863ebc943482f6 Trojan Eldorado
NICRS9FT.SYS 27fac4066c9c3e263b863ebc943482f6 Trojan WS.Reputation

NICRS9FT.SYS size: 6656 bytes
NICRS9FT.SYS hash: 27FAC4066C9C3E263B863EBC943482F6

Created files:

%SysDir%\NicrS9ft.sys
%SysDir%\ufozcolo.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Control\Keyboard Layouts\E0200804\Ime File: UFOZCOLO.DLL
HKLM\System\CurrentControlSet\Control\Keyboard Layouts\E0200804\Layout Text: ????
HKLM\System\CurrentControlSet\Control\Keyboard Layouts\E0200804\Layout File: kbdus.dll
HKLM\System\CurrentControlSet\Services\NicrS9ft\Type: 01000000
HKLM\System\CurrentControlSet\Services\NicrS9ft\Start: 03000000
HKLM\System\CurrentControlSet\Services\NicrS9ft\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NicrS9ft\DisplayName: NicrS9ft
HKLM\System\CurrentControlSet\Services\NicrS9ft\ImagePath: %WinDir%\System32\NicrS9ft.sys

Detected by UnHackMe:

NICRS9FT.SYS
Default location: %SYSDIR%\NICRS9FT.SYS

Dropper information:
MD5: 03e12ab3b8f727e2d4bb3e21841a042d
File size: 5517312 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images