XAVDWE.EXE – Backdoor Nitol


XAVDWE.EXE – Backdoor Nitol removal

File  MD5  Virus Alias
XAVDWE.EXE fde4c5a59d4b0c1e2057ed98d2bff402 Backdoor Nitol
XAVDWE.EXE fde4c5a59d4b0c1e2057ed98d2bff402 Trojan SuspiciousFile
XAVDWE.EXE fde4c5a59d4b0c1e2057ed98d2bff402 Trojan Eldorado
XAVDWE.EXE fde4c5a59d4b0c1e2057ed98d2bff402 Trojan Downloader
XAVDWE.EXE fde4c5a59d4b0c1e2057ed98d2bff402 Trojan OnLineGames
XAVDWE.EXE fde4c5a59d4b0c1e2057ed98d2bff402 Trojan Agent

XAVDWE.EXE size: 59392 bytes
XAVDWE.EXE hash: FDE4C5A59D4B0C1E2057ED98D2BFF402

Created files:

%SysDir%\gei33.dll
%SysDir%\xavdwe.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\asapnet_states\Type: 10000000
HKLM\System\CurrentControlSet\Services\asapnet_states\Start: 02000000
HKLM\System\CurrentControlSet\Services\asapnet_states\DisplayName: ASP.NET State Services
HKLM\System\CurrentControlSet\Services\asapnet_states\ImagePath: %WinDir%\System32\xavdwe.exe
HKLM\System\CurrentControlSet\Services\asapnet_states\Description: Provides support for out-of-to-process

Detected by UnHackMe:

XAVDWE.EXE
Default location: %SYSDIR%\XAVDWE.EXE

Dropper information:
MD5: fde4c5a59d4b0c1e2057ed98d2bff402
File size: 59392 bytes
