nodantivir.sys - Dangerous

%sysdir%\nodantivir.sys

Free Download

Manual removal instructions:

Antivirus Report of %sysdir%\nodantivir.sys:
%sysdir%\nodantivir.sys Malware
%sysdir%\nodantivir.sysDangerous
%sysdir%\nodantivir.sysHigh Risk
%sysdir%\nodantivir.sys
nodantivir.sys is rootkit Trojan.Haxdoor-AK.
nodantivir.sys is used to hide files, processes and registry.
nodantivir.sys is a kernel mode rootkit.
Rootkit contacts remote hacker server using HTTP session.
nodantivir.sys created new system drivers:
service name: "nodantivir"
display name: "NOD AV service"
Added to registry:
HKLM\SYSTEM\CurrentControlSet\Services\nodantivir\

Related files:
%SysDir%\nodantivir.sys
%SysDir%\mcfG7A.dll
Adds the value:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mcfG7A
DllName
mcfG7A.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mcfG7A
Startup
mcfG7A

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mcfG7A
Impersonate
1
to the Windows startup registry keys.

Remove nodantivir.sys now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.