Solved! GEI33.DLL (Backdoor Nitol) Removal Guide

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe

GEI33.DLL – Backdoor Nitol removal

File       MD5                               Virus Alias
GEI33.DLL  de61de242b5500304af17e4661100ea5  Backdoor Nitol
GEI33.DLL  de61de242b5500304af17e4661100ea5  Trojan Generic
GEI33.DLL  de61de242b5500304af17e4661100ea5  Trojan Graftor
GEI33.DLL  de61de242b5500304af17e4661100ea5  Trojan OnLineGames
GEI33.DLL  de61de242b5500304af17e4661100ea5  Trojan Agent
GEI33.DLL  de61de242b5500304af17e4661100ea5  Trojan Scar

GEI33.DLL size: 12288 bytes
GEI33.DLL hash: DE61DE242B5500304AF17E4661100EA5

Created files:

%SysDir%\gei33.dll
%SysDir%\qoicge.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\Type: 10000000
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\Start: 02000000
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\DisplayName: ASP.NET State Servicesldt Transaction Coordinator Service
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\ImagePath: %WinDir%\System32\qoicge.exe
HKLM\System\CurrentControlSet\Services\aspnet_stateskyr\Description: Provides support for out-of-to-processxiw Transaction Coordinator Service.

Detected by UnHackMe:

GEI33.DLL
Default location: %SYSDIR%\GEI33.DLL

Dropper information:
MD5: bd61d5c581bcce53bf04ad293a2d70fa
File size: 59392 bytes
