Solved! Use BOBLOU.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

BOBLOU.EXE – Backdoor Nitol removal

FileMD5Virus Alias
BOBLOU.EXE 04057d0b78a2b10b89746bec6caf27d6 Backdoor Nitol
BOBLOU.EXE 04057d0b78a2b10b89746bec6caf27d6 Trojan, Suspicious File
BOBLOU.EXE 04057d0b78a2b10b89746bec6caf27d6 Trojan Artemis
BOBLOU.EXE 04057d0b78a2b10b89746bec6caf27d6 Trojan Eldorado
BOBLOU.EXE 04057d0b78a2b10b89746bec6caf27d6 Trojan Downloader
BOBLOU.EXE 04057d0b78a2b10b89746bec6caf27d6 Trojan Agent

BOBLOU.EXE size: 21504 bytes
BOBLOU.EXE hash: 04057D0B78A2B10B89746BEC6CAF27D6

Created files:

%WinDir%\boblou.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\dfsfd\Type: 10010000
HKLM\System\CurrentControlSet\Services\dfsfd\Start: 02000000
HKLM\System\CurrentControlSet\Services\dfsfd\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\dfsfd\DisplayName: dfdfdf
HKLM\System\CurrentControlSet\Services\dfsfd\ImagePath: %WinDir%\boblou.exe
HKLM\System\CurrentControlSet\Services\dfsfd\Description: fdsfs

Detected by UnHackMe:

BOBLOU.EXE
Default location: %WinDir%\BOBLOU.EXE

Dropper information:
MD5: 04057d0b78a2b10b89746bec6caf27d6
File size: 21504 bytes

Leave a Reply