Solved! Use FWZZWM.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

FWZZWM.EXE – Backdoor Nitol removal

FileMD5Virus Alias
FWZZWM.EXE 2f09535cf202219826b52aed6fdbf8a0 Backdoor Nitol
FWZZWM.EXE 2f09535cf202219826b52aed6fdbf8a0 Trojan SuspiciousFile
FWZZWM.EXE 2f09535cf202219826b52aed6fdbf8a0 Backdoor RBot
FWZZWM.EXE 2f09535cf202219826b52aed6fdbf8a0 Trojan Downloader
FWZZWM.EXE 2f09535cf202219826b52aed6fdbf8a0 Trojan Agent
FWZZWM.EXE 2f09535cf202219826b52aed6fdbf8a0 Backdoor Zegost

FWZZWM.EXE size: 43520 bytes
FWZZWM.EXE hash: 2F09535CF202219826B52AED6FDBF8A0

Created files:

%WinDir%\fwzzwm.exe
%SysDir%\hra33.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\dsfgsd23sd5f6465sd4f321sd23f123sd1f2\Type: 10010000
HKLM\System\CurrentControlSet\Services\dsfgsd23sd5f6465sd4f321sd23f123sd1f2\Start: 02000000
HKLM\System\CurrentControlSet\Services\dsfgsd23sd5f6465sd4f321sd23f123sd1f2\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\dsfgsd23sd5f6465sd4f321sd23f123sd1f2\DisplayName: dsf54g56sd123v1d65fb465sd4f56s12d3f123sd1f23123
HKLM\System\CurrentControlSet\Services\dsfgsd23sd5f6465sd4f321sd23f123sd1f2\ImagePath: %WinDir%\fwzzwm.exe
HKLM\System\CurrentControlSet\Services\dsfgsd23sd5f6465sd4f321sd23f123sd1f2\Description: sdf4s6545d6f456g4s56d4f5s1d23f1s23d1f45sd4f32s1df485sd6f46

Detected by UnHackMe:

FWZZWM.EXE
Default location: %WinDir%\FWZZWM.EXE

Dropper information:
MD5: 2f09535cf202219826b52aed6fdbf8a0
File size: 43520 bytes

Leave a Reply