Solved! Use RERNEA.EXE (Backdoor Nitol) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

RERNEA.EXE – Backdoor Nitol removal

FileMD5Virus Alias
RERNEA.EXE e227c2a4217c343091216cb4c16e6b7d Backdoor Nitol
RERNEA.EXE e227c2a4217c343091216cb4c16e6b7d Trojan Generic
RERNEA.EXE e227c2a4217c343091216cb4c16e6b7d Trojan Downloader
RERNEA.EXE e227c2a4217c343091216cb4c16e6b7d Trojan Siggen
RERNEA.EXE e227c2a4217c343091216cb4c16e6b7d Trojan Agent
RERNEA.EXE e227c2a4217c343091216cb4c16e6b7d Trojan Small

RERNEA.EXE size: 39936 bytes
RERNEA.EXE hash: E227C2A4217C343091216CB4C16E6B7D

Created files:

%SysDir%\hra33.dll
%SysDir%\rernea.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Distribuwco\Type: 10000000
HKLM\System\CurrentControlSet\Services\Distribuwco\Start: 02000000
HKLM\System\CurrentControlSet\Services\Distribuwco\DisplayName: Distribuvns Transaction Coordinator Service
HKLM\System\CurrentControlSet\Services\Distribuwco\ImagePath: %WinDir%\System32\rernea.exe
HKLM\System\CurrentControlSet\Services\Distribuwco\Description: Distribuuou Transaction Coordinator Service.

Detected by UnHackMe:

RERNEA.EXE
Default location: %SYSDIR%\RERNEA.EXE

Dropper information:
MD5: 065906c6e4fed50dd61608cccd401b09
File size: 47616 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images