Solved! Use SERVER.EXE (Backdoor Nitol) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

SERVER.EXE – Backdoor Nitol removal

FileMD5Virus Alias
SERVER.EXE 420026e4ab89566669a6c21c8d0f3901 Backdoor Nitol
SERVER.EXE 420026e4ab89566669a6c21c8d0f3901 Trojan MulDrop4
SERVER.EXE 420026e4ab89566669a6c21c8d0f3901 Trojan Eldorado
SERVER.EXE 420026e4ab89566669a6c21c8d0f3901 Backdoor RBot
SERVER.EXE 420026e4ab89566669a6c21c8d0f3901 Trojan Downloader
SERVER.EXE 420026e4ab89566669a6c21c8d0f3901 Trojan Graftor

SERVER.EXE size: 57344 bytes
SERVER.EXE hash: 420026E4AB89566669A6C21C8D0F3901

Created files:

%SysDir%\server.exe
%SysDir%\vmware-vmx.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\VMwareVmx\Type: 10000000
HKLM\System\CurrentControlSet\Services\VMwareVmx\Start: 02000000
HKLM\System\CurrentControlSet\Services\VMwareVmx\DisplayName: VMware VMX Service
HKLM\System\CurrentControlSet\Services\VMwareVmx\ImagePath: %WinDir%\System32\vmware-vmx.exe
HKLM\System\CurrentControlSet\Services\VMwareVmx\Description: VMX service for virtual networks.

Detected by UnHackMe:

SERVER.EXE
Default location: %SYSDIR%\SERVER.EXE

Dropper information:
MD5: 420026e4ab89566669a6c21c8d0f3901
File size: 57344 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images