Solved! Use HMRU.DLL (Backdoor Koutodoor) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

HMRU.DLL – Backdoor Koutodoor removal

FileMD5Virus Alias
HMRU.DLL 082f7a38fd26821f63662029d20e7e8a Backdoor Koutodoor
HMRU.DLL 082f7a38fd26821f63662029d20e7e8a Trojan Generic
HMRU.DLL 082f7a38fd26821f63662029d20e7e8a Trojan Eldorado
HMRU.DLL 082f7a38fd26821f63662029d20e7e8a Trojan Adload
HMRU.DLL 082f7a38fd26821f63662029d20e7e8a Trojan Agent
HMRU.DLL 082f7a38fd26821f63662029d20e7e8a Trojan StartPage

HMRU.DLL size: 65536 bytes
HMRU.DLL hash: 082F7A38FD26821F63662029D20E7E8A

Created files:

%SysDir%\drivers\czexws.sys
%SysDir%\hmru.dll
%Temp%\odctqb.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\czexws\Type: 01000000
HKLM\System\CurrentControlSet\Services\czexws\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\czexws\DisplayName: czexws
HKLM\System\CurrentControlSet\Services\czexws\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C0063007A0065007800770073002E007300790073000000

Detected by UnHackMe:

HMRU.DLL
Default location: %SYSDIR%\HMRU.DLL

Dropper information:
MD5: 1a0f50dfd0b1d2dd7d6a9897e6346b16
File size: 208960 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images