Solved! Use RUDFCY.EXE (Backdoor Nitol) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

RUDFCY.EXE – Backdoor Nitol removal

FileMD5Virus Alias
RUDFCY.EXE 659c8174d9174fb5e7fbbae6db5917d5 Backdoor Nitol
RUDFCY.EXE 659c8174d9174fb5e7fbbae6db5917d5 Trojan DLOADER
RUDFCY.EXE 659c8174d9174fb5e7fbbae6db5917d5 Trojan SuspiciousFile
RUDFCY.EXE 659c8174d9174fb5e7fbbae6db5917d5 Trojan Artemis
RUDFCY.EXE 659c8174d9174fb5e7fbbae6db5917d5 Trojan Generic
RUDFCY.EXE 659c8174d9174fb5e7fbbae6db5917d5 Trojan Eldorado

RUDFCY.EXE size: 30080 bytes
RUDFCY.EXE hash: 659C8174D9174FB5E7FBBAE6DB5917D5

Created files:

%WinDir%\rudfcy.exe
%SysDir%\hra33.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Mnopqr Tuvwxyab Def\Type: 10010000
HKLM\System\CurrentControlSet\Services\Mnopqr Tuvwxyab Def\Start: 02000000
HKLM\System\CurrentControlSet\Services\Mnopqr Tuvwxyab Def\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Mnopqr Tuvwxyab Def\DisplayName: Mnopqr Tuvwxyab Defghijk Mnop
HKLM\System\CurrentControlSet\Services\Mnopqr Tuvwxyab Def\ImagePath: %WinDir%\rudfcy.exe
HKLM\System\CurrentControlSet\Services\Mnopqr Tuvwxyab Def\Description: Mnopqrst Vwxyabcde Ghijklm Opqrstuv Xya

Detected by UnHackMe:

RUDFCY.EXE
Default location: %WinDir%\RUDFCY.EXE

Dropper information:
MD5: 659c8174d9174fb5e7fbbae6db5917d5
File size: 30080 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images