I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
SAUOAG.EXE – Backdoor Nitol removal
| File | MD5 | Virus Alias |
|---|---|---|
| SAUOAG.EXE | 5c11b13ee10a815d247c0adef9a1bc65 | Backdoor Nitol |
| SAUOAG.EXE | 5c11b13ee10a815d247c0adef9a1bc65 | Trojan SuspiciousFile |
| SAUOAG.EXE | 5c11b13ee10a815d247c0adef9a1bc65 | Trojan Eldorado |
| SAUOAG.EXE | 5c11b13ee10a815d247c0adef9a1bc65 | Trojan Downloader |
| SAUOAG.EXE | 5c11b13ee10a815d247c0adef9a1bc65 | Trojan OnLineGames |
| SAUOAG.EXE | 5c11b13ee10a815d247c0adef9a1bc65 | Trojan Agent |
SAUOAG.EXE size: 59392 bytes
SAUOAG.EXE hash: 5C11B13EE10A815D247C0ADEF9A1BC65
Created files:
%SysDir%\gei33.dll
%SysDir%\sauoag.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\Type: 10000000
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\Start: 02000000
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\DisplayName: ASP.NET State Servicesldt Transaction Coordinator Service
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\ImagePath: %WinDir%\System32\sauoag.exe
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\Description: Provides support for out-of-to-processxiw Transaction Coordinator Service.
Detected by UnHackMe:
SAUOAG.EXE
Default location: %SYSDIR%\SAUOAG.EXE
Dropper information:
MD5: d403a50c324673e6fceea9a40deffa11
File size: 72192 bytes