Solved! Use W_SERVER.EXE (Trojan OnLineGames) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

W_SERVER.EXE – Trojan OnLineGames removal

File MD5 Virus Alias
W_SERVER.EXE 377474c295328309021adbb1a387756b Trojan OnLineGames
W_SERVER.EXE 377474c295328309021adbb1a387756b Trojan, Suspicious File
W_SERVER.EXE 377474c295328309021adbb1a387756b Trojan Generic
W_SERVER.EXE 377474c295328309021adbb1a387756b Trojan Eldorado
W_SERVER.EXE 377474c295328309021adbb1a387756b Trojan Downloader
W_SERVER.EXE 377474c295328309021adbb1a387756b Backdoor Nitol

W_SERVER.EXE size: 184320 bytes
W_SERVER.EXE hash: 377474C295328309021ADBB1A387756B

Created files:

%SysDir%\W_Server.dll
%SysDir%\W_Server.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Wtyue_Service\Type: 10010000
HKLM\System\CurrentControlSet\Services\Wtyue_Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\Wtyue_Service\DisplayName: Wtyue_Service
HKLM\System\CurrentControlSet\Services\Wtyue_Service\ImagePath: %WinDir%\System32\W_Server.exe
HKLM\System\CurrentControlSet\Services\Wtyue_Service\Description: 57007400790075006500B700FE00CE00F100B600CB000000

Detected by UnHackMe:

W_SERVER.EXE
Default location: %SYSDIR%\W_SERVER.EXE

Dropper information:
MD5: 377474c295328309021adbb1a387756b
File size: 184320 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images