Solved! Use SERVTESTLINUX.DLL (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

SERVTESTLINUX.DLL – Backdoor Nitol removal

File MD5 Virus Alias
SERVTESTLINUX.DLL 02ec40186f38b959557d51783a22edc4 Backdoor Nitol
SERVTESTLINUX.DLL 02ec40186f38b959557d51783a22edc4 Trojan Generic
SERVTESTLINUX.DLL 02ec40186f38b959557d51783a22edc4 Trojan Eldorado
SERVTESTLINUX.DLL 02ec40186f38b959557d51783a22edc4 Trojan Downloader
SERVTESTLINUX.DLL 02ec40186f38b959557d51783a22edc4 Trojan Agent

SERVTESTLINUX.DLL size: 143497 bytes
SERVTESTLINUX.DLL hash: 02EC40186F38B959557D51783A22EDC4

Created files:

%WinDir%\ServTestlinux.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ServTestlinux\Type: 20000000
HKLM\System\CurrentControlSet\Services\ServTestlinux\Start: 02000000
HKLM\System\CurrentControlSet\Services\ServTestlinux\DisplayName: ServTestlinux
HKLM\System\CurrentControlSet\Services\ServTestlinux\ImagePath: %SystemRoot%\System32\svchost.exe -k ServTestlinux
HKLM\System\CurrentControlSet\Services\ServTestlinux\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00530065007200760054006500730074006C0069006E00750078002E0064006C006C000000

Detected by UnHackMe:

SERVTESTLINUX.DLL
Default location: %WinDir%\SERVTESTLINUX.DLL

Dropper information:
MD5: bd657125f681f49b608bf89e23ad8219
File size: 143497 bytes

Leave a Reply