Solved! Use GEI33.DLL (Trojan Sinowal) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

GEI33.DLL – Trojan Sinowal removal

FileMD5Virus Alias
GEI33.DLL 6c13cc0ebe4560652d4f9e1941f4b59f Trojan Sinowal
GEI33.DLL 6c13cc0ebe4560652d4f9e1941f4b59f Trojan Eldorado
GEI33.DLL 6c13cc0ebe4560652d4f9e1941f4b59f Backdoor RBot
GEI33.DLL 6c13cc0ebe4560652d4f9e1941f4b59f Trojan Downloader
GEI33.DLL 6c13cc0ebe4560652d4f9e1941f4b59f Trojan Graftor
GEI33.DLL 6c13cc0ebe4560652d4f9e1941f4b59f Backdoor Nitol

GEI33.DLL size: 9728 bytes
GEI33.DLL hash: 6C13CC0EBE4560652D4F9E1941F4B59F

Created files:

%SysDir%\gei33.dll
%SysDir%\revnea.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\aspnet_seeees\Type: 10000000
HKLM\System\CurrentControlSet\Services\aspnet_seeees\Start: 02000000
HKLM\System\CurrentControlSet\Services\aspnet_seeees\DisplayName: ASP.NET State Seeeices
HKLM\System\CurrentControlSet\Services\aspnet_seeees\ImagePath: %WinDir%\System32\revnea.exe
HKLM\System\CurrentControlSet\Services\aspnet_seeees\Description: Provides seeeert for out-of-to-process

Detected by UnHackMe:

GEI33.DLL
Default location: %SYSDIR%\GEI33.DLL

Dropper information:
MD5: e1c96f0095c63be93a9d0db1f205cd89
File size: 72192 bytes

Leave a Reply