Solved! Use HRA33.DLL (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

HRA33.DLL – Backdoor Nitol removal

FileMD5Virus Alias
HRA33.DLL d87ebe9cd4a0176d76ebc465ede791a7 Backdoor Nitol
HRA33.DLL d87ebe9cd4a0176d76ebc465ede791a7 Trojan Generic
HRA33.DLL d87ebe9cd4a0176d76ebc465ede791a7 Backdoor RBot
HRA33.DLL d87ebe9cd4a0176d76ebc465ede791a7 Trojan Buzus
HRA33.DLL d87ebe9cd4a0176d76ebc465ede791a7 Trojan Agent
HRA33.DLL d87ebe9cd4a0176d76ebc465ede791a7 Backdoor IRCBot

HRA33.DLL size: 8704 bytes
HRA33.DLL hash: D87EBE9CD4A0176D76EBC465EDE791A7

Created files:

%WinDir%\nijlik.exe
%SysDir%\hra33.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\TCP Mnager Service\Type: 10010000
HKLM\System\CurrentControlSet\Services\TCP Mnager Service\Start: 02000000
HKLM\System\CurrentControlSet\Services\TCP Mnager Service\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\TCP Mnager Service\DisplayName: TCP Mnager Service
HKLM\System\CurrentControlSet\Services\TCP Mnager Service\ImagePath: %WinDir%\nijlik.exe
HKLM\System\CurrentControlSet\Services\TCP Mnager Service\Description: TCP Mnager Service

Detected by UnHackMe:

HRA33.DLL
Default location: %SYSDIR%\HRA33.DLL

Dropper information:
MD5: d1670fec84f59ea9fe339594994c8c77
File size: 20480 bytes

Leave a Reply