I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMeFully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
BAXLWY.EXE – Backdoor Nitol removal
File | MD5 | Virus Alias |
---|---|---|
BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Backdoor Nitol |
BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Trojan Eldorado |
BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Trojan Agent |
BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Virus Sality |
BAXLWY.EXE | a4a0df64edde1d19d3117de020acf345 | Trojan Scar |
BAXLWY.EXE size: 77312 bytes
BAXLWY.EXE hash: A4A0DF64EDDE1D19D3117DE020ACF345
Created files:
%SysDir%\baxlwy.exe
%SysDir%\gei33.dll
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\netscvre\Type: 10000000
HKLM\System\CurrentControlSet\Services\netscvre\Start: 02000000
HKLM\System\CurrentControlSet\Services\netscvre\DisplayName: NT LM Security Support Providers
HKLM\System\CurrentControlSet\Services\netscvre\ImagePath: %WinDir%\System32\baxlwy.exe
HKLM\System\CurrentControlSet\Services\netscvre\Description: NT LM Security Support Providers
Detected by UnHackMe:
BAXLWY.EXE
Default location: %SYSDIR%\BAXLWY.EXE
Dropper information:
MD5: a4a0df64edde1d19d3117de020acf345
File size: 77312 bytes