TSFTOW.EXE – Backdoor Nitol

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

TSFTOW.EXE – Backdoor Nitol removal

FileMD5Virus Alias
TSFTOW.EXE 754259ff98ffb8bbc408ed9dc5db85d8 Backdoor Nitol
TSFTOW.EXE 754259ff98ffb8bbc408ed9dc5db85d8 Trojan Downloader
TSFTOW.EXE 754259ff98ffb8bbc408ed9dc5db85d8 Trojan Graftor
TSFTOW.EXE 754259ff98ffb8bbc408ed9dc5db85d8 Trojan OnLineGames
TSFTOW.EXE 754259ff98ffb8bbc408ed9dc5db85d8 Trojan Agent
TSFTOW.EXE 754259ff98ffb8bbc408ed9dc5db85d8 Trojan Small

TSFTOW.EXE size: 39424 bytes

Created files:

%SysDir%\hra33.dll
%SysDir%\tsftow.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Distribuyvs\Type: 10000000
HKLM\System\CurrentControlSet\Services\Distribuyvs\Start: 02000000
HKLM\System\CurrentControlSet\Services\Distribuyvs\DisplayName: Distribuicq Transaction Coordinator Service
HKLM\System\CurrentControlSet\Services\Distribuyvs\ImagePath: %WinDir%\System32\tsftow.exe
HKLM\System\CurrentControlSet\Services\Distribuyvs\Description: Distribuoks Transaction Coordinator Service.

Detected by UnHackMe:

TSFTOW.EXE
Default location: %SYSDIR%\TSFTOW.EXE
Dropper information:
MD5: da13f824f78517b9d5306532b7d56492
File size: 47104 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images