Solved! Use NEDPIU.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

NEDPIU.EXE – Backdoor Nitol removal

FileMD5Virus Alias
NEDPIU.EXE 4c90a901b161c31b4d9da01ef3fc589e Backdoor Nitol
NEDPIU.EXE 4c90a901b161c31b4d9da01ef3fc589e Trojan SuspiciousFile
NEDPIU.EXE 4c90a901b161c31b4d9da01ef3fc589e Trojan Generic
NEDPIU.EXE 4c90a901b161c31b4d9da01ef3fc589e Backdoor RBot
NEDPIU.EXE 4c90a901b161c31b4d9da01ef3fc589e Trojan Downloader
NEDPIU.EXE 4c90a901b161c31b4d9da01ef3fc589e Backdoor Farfli

NEDPIU.EXE size: 24576 bytes
NEDPIU.EXE hash: 4C90A901B161C31B4D9DA01EF3FC589E

Created files:

%WinDir%\nedpiu.exe
%SysDir%\hra33.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\Type: 10010000
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\Start: 02000000
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\DisplayName: Defghi Klmnopqr Tuvwxyab Defg
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\ImagePath: %WinDir%\nedpiu.exe
HKLM\System\CurrentControlSet\Services\Defghi Klmnopqr Tuv\Description: Defghijk Mnopqrstu Wxyabcd Fghijklm Opq

Detected by UnHackMe:

NEDPIU.EXE
Default location: %WinDir%\NEDPIU.EXE

Dropper information:
MD5: 4c90a901b161c31b4d9da01ef3fc589e
File size: 24576 bytes

Leave a Reply