GEI33.DLL is Rootkit Lapka
Rootkit GEI33.DLL is software that enables continued privileged access to a computer while actively hiding its presence.
Detection and removal of GEI33.DLL may be a very difficult process.
You should use anti-rootkit software to fix the GEI33.DLL problem.
Malware Analysis of GEI33.DLL
Full path on a computer: %SysDir%\gei33.dll
Detected by UnHackMe:
Item Name: ncbxcoksfz
Author:
Related File: %SysDir%\ookyou.exe
Type: Auto Services
Item Name: lpk.dll
Author: Unknown
Related File: %STARTUP%\LPK.DLL
Type: Startup Folder
Item Name: ookyou.exe
Author: Unknown
Related File: %SYSDIR%\OOKYOU.EXE
Type: Running Processes
GEI33.DLL
Default location: %SysDir%\gei33.dll
Removal Results: Success
Number of reboots: 1
GEI33.DLL is known as:
Rootkit.Lapka
GEI33.DLL hash:
- MD5: 312f51e2b5756ec85fd6d098380be760
How to quickly detect GEI33.DLL presence?
Registry:
- HKLM\System\CurrentControlSet\Services\ncbxcoksfz\ImagePath: “%SysDir%\ookyou.exe”
- HKLM\System\CurrentControlSet\Services\ncbxcoksfz\DisplayName: “kvatxdknlyjyhfixjswn”
- HKLM\System\CurrentControlSet\Services\ncbxcoksfz\Description: “kkufnuxxzrzbmnmgqooketlyhnkoau”
Files:
- C:\BackSys\windir\lpk.dll
- %Desktop%\lpk.dll
- %Local Appdata%\Google\Chrome\Application\lpk.dll
- %Local Appdata%\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\18.0.1025.151\lpk.dll
- %Local Appdata%\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\17.0.963.56\lpk.dll
- %Local Appdata%\Google\Update\lpk.dll
- %Temp%\{C14D94AD-30B2-44FC-BF52-E717CDD3CCD3}\lpk.dll
- %Temp%\lpk.dll
- %SysDir%\gei33.dll
- %SysDir%\ookyou.exe
Recommended: UnHackMe anti-rootkit and anti-malware
Premium software: RegRun Security Suite (Good choice for removal and protection)




