I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
XAVDWE.EXE – Backdoor Nitol removal
File | MD5 | Virus Alias |
---|---|---|
XAVDWE.EXE | fde4c5a59d4b0c1e2057ed98d2bff402 | Backdoor Nitol |
XAVDWE.EXE | fde4c5a59d4b0c1e2057ed98d2bff402 | Trojan SuspiciousFile |
XAVDWE.EXE | fde4c5a59d4b0c1e2057ed98d2bff402 | Trojan Eldorado |
XAVDWE.EXE | fde4c5a59d4b0c1e2057ed98d2bff402 | Trojan Downloader |
XAVDWE.EXE | fde4c5a59d4b0c1e2057ed98d2bff402 | Trojan OnLineGames |
XAVDWE.EXE | fde4c5a59d4b0c1e2057ed98d2bff402 | Trojan Agent |
XAVDWE.EXE size: 59392 bytes
XAVDWE.EXE hash: FDE4C5A59D4B0C1E2057ED98D2BFF402
Created files:
%SysDir%\gei33.dll
%SysDir%\xavdwe.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\asapnet_states\Type: 10000000
HKLM\System\CurrentControlSet\Services\asapnet_states\Start: 02000000
HKLM\System\CurrentControlSet\Services\asapnet_states\DisplayName: ASP.NET State Services
HKLM\System\CurrentControlSet\Services\asapnet_states\ImagePath: %WinDir%\System32\xavdwe.exe
HKLM\System\CurrentControlSet\Services\asapnet_states\Description: Provides support for out-of-to-process
Detected by UnHackMe:
XAVDWE.EXE
Default location: %SYSDIR%\XAVDWE.EXE
Dropper information:
MD5: fde4c5a59d4b0c1e2057ed98d2bff402
File size: 59392 bytes