Solved! BAXLWY.EXE (Backdoor Nitol) Removal Guide

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe

BAXLWY.EXE – Backdoor Nitol removal

| File | MD5 | Virus Alias |
|---|---|---|
| BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Backdoor Nitol |
| BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Trojan Eldorado |
| BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Trojan Agent |
| BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Virus Sality |
| BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Trojan Scar |

BAXLWY.EXE size: 77312 bytes
BAXLWY.EXE hash: A4A0DF64EDDE1D19D3117DE020ACF345

Created files:

%SysDir%\baxlwy.exe
%SysDir%\gei33.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\netscvre\Type: 10000000
HKLM\System\CurrentControlSet\Services\netscvre\Start: 02000000
HKLM\System\CurrentControlSet\Services\netscvre\DisplayName: NT LM Security Support Providers
HKLM\System\CurrentControlSet\Services\netscvre\ImagePath: %WinDir%\System32\baxlwy.exe
HKLM\System\CurrentControlSet\Services\netscvre\Description: NT LM Security Support Providers

Detected by UnHackMe:

BAXLWY.EXE
Default location: %SYSDIR%\BAXLWY.EXE

Dropper information:
MD5: a4a0df64edde1d19d3117de020acf345
File size: 77312 bytes
