NKL.SYS is a program used to gain hidden access to a PC and administer it remotely.
UnHackMe is recommended as a reliable program for solving the problem with NKL.SYS.
Download for free: http://www.unhackme.com
Malware Analysis of NKL.SYS
Full path on a computer: %SysDir%\drivers\nkl.sys
Detected by UnHackMe:
NKL.SYS
Default location: %SysDir%\drivers\nkl.sys
Removal Results: Success
Number of reboots: 1
NKL.SYS is known as:
Backdoor.Turla.A
NKL.SYS hash:
- MD5: d50a3e99d354cac5f973d500aee8b844
The file tries to download information from some web sites.
How to quickly detect the presence of NKL.SYS?
Registry:
- HKLM\System\CurrentControlSet\Services\nkl\ImagePath: "\??\%SysDir%\DRIVERS\nkl.SYS"
- HKLM\System\CurrentControlSet\Services\nkl\DisplayName: "nkl"
Files:
- %Temp%\winptr.ocx
- %SysDir%\drivers\nkl.sys
- %SysDir%\mscds.ml