Solved! Use OSSASO.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

OSSASO.EXE – Backdoor Nitol removal

File MD5 Virus Alias
OSSASO.EXE 0042b92943b1622f73f324741d3d1b61 Backdoor Nitol
OSSASO.EXE 0042b92943b1622f73f324741d3d1b61 Trojan Downloader
OSSASO.EXE 0042b92943b1622f73f324741d3d1b61 Trojan Agent
OSSASO.EXE 0042b92943b1622f73f324741d3d1b61 Trojan Small
OSSASO.EXE 0042b92943b1622f73f324741d3d1b61 Trojan Scar

OSSASO.EXE size: 37376 bytes
OSSASO.EXE hash: 0042B92943B1622F73F324741D3D1B61

Created files:

%SysDir%\ossaso.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Nationalmew\Type: 10010000
HKLM\System\CurrentControlSet\Services\Nationalmew\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationalmew\DisplayName: Nationalksu Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationalmew\ImagePath: %WinDir%\System32\ossaso.exe

Detected by UnHackMe:

OSSASO.EXE
Default location: %SYSDIR%\OSSASO.EXE

Dropper information:
MD5: 0042b92943b1622f73f324741d3d1b61
File size: 37376 bytes

Leave a Reply