Solved! WTHIC.SYS (Backdoor Koutodoor) Removal Guide

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully functional 30-day trial. No credit card is required.

WTHIC.SYS – Backdoor Koutodoor removal

File       MD5                               Virus Alias
WTHIC.SYS  437fd57bd894b71e4e4d36518a5969c1  Backdoor Koutodoor
WTHIC.SYS  437fd57bd894b71e4e4d36518a5969c1  Trojan Generic
WTHIC.SYS  437fd57bd894b71e4e4d36518a5969c1  Trojan Eldorado
WTHIC.SYS  437fd57bd894b71e4e4d36518a5969c1  Trojan Agent
WTHIC.SYS  437fd57bd894b71e4e4d36518a5969c1  Trojan Crypt

WTHIC.SYS size: 42112 bytes
WTHIC.SYS hash: 437FD57BD894B71E4E4D36518A5969C1

Created files:

%SysDir%\drivers\wthic.sys
%SysDir%\mmgzli.dll
%Temp%\czhugg.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\wthic\Type: 01000000
HKLM\System\CurrentControlSet\Services\wthic\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\wthic\DisplayName: wthic
HKLM\System\CurrentControlSet\Services\wthic\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C00770074006800690063002E007300790073000000

Detected by UnHackMe:

WTHIC.SYS
Default location: %SYSDIR%\DRIVERS\WTHIC.SYS

Dropper information:
MD5: d772c349d298750726aed6704606ebf6
File size: 200768 bytes
