Solved! Use WINDOTNETSRV.EXE (Virus Sality) Removal Guide

Virus No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

WINDOTNETSRV.EXE – Virus Sality removal

File MD5 Virus Alias
WINDOTNETSRV.EXE 004aa6d9ffd050af3d8a10aa98f1b630 Virus Sality
WINDOTNETSRV.EXE 004aa6d9ffd050af3d8a10aa98f1b630 Trojan Hllw
WINDOTNETSRV.EXE 004aa6d9ffd050af3d8a10aa98f1b630 Trojan Eldorado
WINDOTNETSRV.EXE 004aa6d9ffd050af3d8a10aa98f1b630 Worm Autorun
WINDOTNETSRV.EXE 004aa6d9ffd050af3d8a10aa98f1b630 Trojan Agent
WINDOTNETSRV.EXE 004aa6d9ffd050af3d8a10aa98f1b630 Trojan Crypt

WINDOTNETSRV.EXE size: 139264 bytes
WINDOTNETSRV.EXE hash: 004AA6D9FFD050AF3D8A10AA98F1B630

Created files:

C:\11b8cc
%SysDir%\windotnetsrv.exe
D:\11bcd3

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\windll: %WinDir%\System32\windotnetsrv.exe

Detected by UnHackMe:

WINDOTNETSRV.EXE
Default location: %SYSDIR%\WINDOTNETSRV.EXE

Dropper information:
MD5: 004aa6d9ffd050af3d8a10aa98f1b630
File size: 139264 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images