I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
BLACK.DLL – Backdoor Nitol removal
File | MD5 | Virus Alias |
---|---|---|
BLACK.DLL | 2542112ba391e66e80396bce4aa77255 | Backdoor Nitol |
BLACK.DLL | 2542112ba391e66e80396bce4aa77255 | Trojan BadReputation |
BLACK.DLL | 2542112ba391e66e80396bce4aa77255 | Trojan Generic |
BLACK.DLL | 2542112ba391e66e80396bce4aa77255 | Trojan CI |
BLACK.DLL | 2542112ba391e66e80396bce4aa77255 | Virus Part |
BLACK.DLL size: 9216 bytes
BLACK.DLL hash: 2542112BA391E66E80396BCE4AA77255
Created files:
%SysDir%\Black.dll
%SysDir%\Drivers\diskflt.sys
%SysDir%\kscan.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run : %WinDir%\System32\kscan.exe
HKLM\System\CurrentControlSet\Services\diskflt\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\diskflt\Type: 01000000
HKLM\System\CurrentControlSet\Services\diskflt\Tag: 0A000000
HKLM\System\CurrentControlSet\Services\Nationaljqn\Type: 10010000
HKLM\System\CurrentControlSet\Services\Nationaljqn\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationaljqn\DisplayName: Nationallgp Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationaljqn\ImagePath: %WinDir%\System32\kscan.exe
HKLM\System\CurrentControlSet\Services\Nationaljqn\Description: Providesjlm a domain server for NI security.
Detected by UnHackMe:
BLACK.DLL
Default location: %SYSDIR%\BLACK.DLL
Dropper information:
MD5: 15c1ffb1923d637058b04fe6536a25a8
File size: 218968 bytes