Solved! Use MMGZLI.DLL (Backdoor Koutodoor) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

MMGZLI.DLL – Backdoor Koutodoor removal

FileMD5Virus Alias
MMGZLI.DLL 77acdad711cb538c77dccd6bb349442a Backdoor Koutodoor
MMGZLI.DLL 77acdad711cb538c77dccd6bb349442a Trojan Generic
MMGZLI.DLL 77acdad711cb538c77dccd6bb349442a Trojan Eldorado
MMGZLI.DLL 77acdad711cb538c77dccd6bb349442a Trojan Adload
MMGZLI.DLL 77acdad711cb538c77dccd6bb349442a Trojan Agent
MMGZLI.DLL 77acdad711cb538c77dccd6bb349442a Trojan Crypt

MMGZLI.DLL size: 65536 bytes
MMGZLI.DLL hash: 77ACDAD711CB538C77DCCD6BB349442A

Created files:

%SysDir%\drivers\wthic.sys
%SysDir%\mmgzli.dll
%Temp%\czhugg.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\wthic\Type: 01000000
HKLM\System\CurrentControlSet\Services\wthic\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\wthic\DisplayName: wthic
HKLM\System\CurrentControlSet\Services\wthic\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C00770074006800690063002E007300790073000000

Detected by UnHackMe:

MMGZLI.DLL
Default location: %SYSDIR%\MMGZLI.DLL

Dropper information:
MD5: d772c349d298750726aed6704606ebf6
File size: 200768 bytes

Leave a Reply