Solved! Use LOLNKG.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

LOLNKG.EXE – Backdoor Nitol removal

FileMD5Virus Alias
LOLNKG.EXE 41dc54adc731e4b32feefb8fe8786d3e Backdoor Nitol
LOLNKG.EXE 41dc54adc731e4b32feefb8fe8786d3e Trojan SuspiciousFile
LOLNKG.EXE 41dc54adc731e4b32feefb8fe8786d3e Trojan Artemis
LOLNKG.EXE 41dc54adc731e4b32feefb8fe8786d3e Trojan Generic
LOLNKG.EXE 41dc54adc731e4b32feefb8fe8786d3e Backdoor RBot
LOLNKG.EXE 41dc54adc731e4b32feefb8fe8786d3e Trojan Downloader

LOLNKG.EXE size: 24576 bytes
LOLNKG.EXE hash: 41DC54ADC731E4B32FEEFB8FE8786D3E

Created files:

%WinDir%\lolnkg.exe
%SysDir%\hra33.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Pqrstu Wxyabcde Ghi\Type: 10010000
HKLM\System\CurrentControlSet\Services\Pqrstu Wxyabcde Ghi\Start: 02000000
HKLM\System\CurrentControlSet\Services\Pqrstu Wxyabcde Ghi\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Pqrstu Wxyabcde Ghi\DisplayName: Pqrstu Wxyabcde Ghijklmn Pqrs
HKLM\System\CurrentControlSet\Services\Pqrstu Wxyabcde Ghi\ImagePath: %WinDir%\lolnkg.exe
HKLM\System\CurrentControlSet\Services\Pqrstu Wxyabcde Ghi\Description: Pqrstuvw Yabcdefgh Jklmnop Rstuvwxy Bcd

Detected by UnHackMe:

LOLNKG.EXE
Default location: %WinDir%\LOLNKG.EXE

Dropper information:
MD5: 41dc54adc731e4b32feefb8fe8786d3e
File size: 24576 bytes

Leave a Reply