Solved! POHLKM.EXE (Backdoor Nitol) Removal Guide

POHLKM.EXE – Backdoor Nitol removal

File        MD5                               Virus Alias
POHLKM.EXE  aa63e3afe298177560f1fed438c46449  Backdoor Nitol
POHLKM.EXE  aa63e3afe298177560f1fed438c46449  Trojan SuspiciousFile
POHLKM.EXE  aa63e3afe298177560f1fed438c46449  Trojan Artemis
POHLKM.EXE  aa63e3afe298177560f1fed438c46449  Trojan Eldorado
POHLKM.EXE  aa63e3afe298177560f1fed438c46449  Trojan Downloader
POHLKM.EXE  aa63e3afe298177560f1fed438c46449  Trojan CI

POHLKM.EXE size: 34304 bytes
POHLKM.EXE hash: AA63E3AFE298177560F1FED438C46449

Created files:

%SysDir%\pohlkm.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Nationaloqp\Type: 10000000
HKLM\System\CurrentControlSet\Services\Nationaloqp\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationaloqp\DisplayName: Nationalrvb Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationaloqp\ImagePath: %WinDir%\System32\pohlkm.exe
HKLM\System\CurrentControlSet\Services\Nationaloqp\Description: Providesfqn a domain server for NI security.

Detected by UnHackMe:

POHLKM.EXE
Default location: %SYSDIR%\POHLKM.EXE

Dropper information:
MD5: aa63e3afe298177560f1fed438c46449
File size: 34304 bytes
