I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
XSBPOI.EXE – Backdoor Nitol removal
| File | MD5 | Virus Alias |
|---|---|---|
| XSBPOI.EXE | 4427a0dd86f8dfeee0e7508b9e8771f4 | Backdoor Nitol |
| XSBPOI.EXE | 4427a0dd86f8dfeee0e7508b9e8771f4 | Trojan SuspiciousFile |
| XSBPOI.EXE | 4427a0dd86f8dfeee0e7508b9e8771f4 | Trojan Generic |
| XSBPOI.EXE | 4427a0dd86f8dfeee0e7508b9e8771f4 | Trojan Eldorado |
| XSBPOI.EXE | 4427a0dd86f8dfeee0e7508b9e8771f4 | Backdoor RBot |
| XSBPOI.EXE | 4427a0dd86f8dfeee0e7508b9e8771f4 | Trojan Graftor |
XSBPOI.EXE size: 66560 bytes
XSBPOI.EXE hash: 4427A0DD86F8DFEEE0E7508B9E8771F4
Created files:
%SysDir%\xsbpoi.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\Nationaluyh\Type: 10000000
HKLM\System\CurrentControlSet\Services\Nationaluyh\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationaluyh\DisplayName: Nationalbqe Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationaluyh\ImagePath: %WinDir%\System32\xsbpoi.exe
HKLM\System\CurrentControlSet\Services\Nationaluyh\Description: Provideslcb a domain server for NI security.
Detected by UnHackMe:
XSBPOI.EXE
Default location: %SYSDIR%\XSBPOI.EXE
Dropper information:
MD5: 4427a0dd86f8dfeee0e7508b9e8771f4
File size: 66560 bytes