Solved! Use OOUOOQ.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

OOUOOQ.EXE – Backdoor Nitol removal

FileMD5Virus Alias
OOUOOQ.EXE 5c115b1863221ea45e75cd44073d6772 Backdoor Nitol
OOUOOQ.EXE 5c115b1863221ea45e75cd44073d6772 Trojan DLOADER
OOUOOQ.EXE 5c115b1863221ea45e75cd44073d6772 Trojan SuspiciousFile
OOUOOQ.EXE 5c115b1863221ea45e75cd44073d6772 Trojan Generic
OOUOOQ.EXE 5c115b1863221ea45e75cd44073d6772 Trojan Eldorado
OOUOOQ.EXE 5c115b1863221ea45e75cd44073d6772 Backdoor RBot

OOUOOQ.EXE size: 94208 bytes
OOUOOQ.EXE hash: 5C115B1863221EA45E75CD44073D6772

Created files:

%SysDir%\oouooq.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\Type: 10000000
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\Start: 02000000
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\DisplayName: Jklmno Qrstuvwx Abcdefgh Jklm
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\ImagePath: %WinDir%\System32\oouooq.exe
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\Description: Jklmnopq Stuvwxyab Defghij Lmnopqrs Uvw

Detected by UnHackMe:

OOUOOQ.EXE
Default location: %SYSDIR%\OOUOOQ.EXE

Dropper information:
MD5: 5c115b1863221ea45e75cd44073d6772
File size: 94208 bytes

Leave a Reply