Solved! Use GEI33.DLL (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

GEI33.DLL – Backdoor Nitol removal

File MD5 Virus Alias
GEI33.DLL de61de242b5500304af17e4661100ea5 Backdoor Nitol
GEI33.DLL de61de242b5500304af17e4661100ea5 Trojan Generic
GEI33.DLL de61de242b5500304af17e4661100ea5 Trojan Graftor
GEI33.DLL de61de242b5500304af17e4661100ea5 Trojan OnLineGames
GEI33.DLL de61de242b5500304af17e4661100ea5 Trojan Agent
GEI33.DLL de61de242b5500304af17e4661100ea5 Trojan Scar

GEI33.DLL size: 12288 bytes
GEI33.DLL hash: DE61DE242B5500304AF17E4661100EA5

Created files:

%SysDir%\gei33.dll
%SysDir%\gieuew.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\?: 10000000
HKLM\System\CurrentControlSet\Services\?: 02000000
HKLM\System\CurrentControlSet\Services\?: ASP.NET State Services
HKLM\System\CurrentControlSet\Services\?: %WinDir%\System32\gieuew.exe
HKLM\System\CurrentControlSet\Services\?: 04000000
HKLM\System\CurrentControlSet\Services\?: 07000000
HKLM\System\CurrentControlSet\Services\?: D0070000
HKLM\System\CurrentControlSet\Services\?: F8500000
HKLM\System\CurrentControlSet\Services\?: Provides support for out-of-to-process

Detected by UnHackMe:

GEI33.DLL
Default location: %SYSDIR%\GEI33.DLL

Dropper information:
MD5: 4bfabfc394734785d8e872265e705c91
File size: 59392 bytes

Leave a Reply