DDoS:Win32/Nitol!pz removal tips

The DDoS:Win32/Nitol!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What DDoS:Win32/Nitol!pz virus can do?

Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine DDoS:Win32/Nitol!pz?


File Info:
name: A1AD00E84D0D363FAD8A.mlw
path: /opt/CAPEv2/storage/binaries/f81128b439d4f7369b86c5219a1e91698513672691f71f4deac29ce31c540f8f
crc32: E8202369
md5: a1ad00e84d0d363fad8ab17a9446f929
sha1: 29d91f66d375dc3433e1879a313e2a05f22a5ffb
sha256: f81128b439d4f7369b86c5219a1e91698513672691f71f4deac29ce31c540f8f
sha512: fa40bb87f4e48988aaa72f28f4962a4f435f542deb4dc93f54166f01f9ca519a17cbfbb1887342e84f6c27329ea2c9318e85d27a07498973543e2ca7c0dc728f
ssdeep: 192:qIAAN4oZCVc6jiVhEdzT12iewVf+xA7yOr8NwhcxdsKsTCQQrmAwVXs2g7Ft4kYY:qI7cVjjiqrPyD9Iuw9sC9uu+15pjp
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T1C4C27C6BEE07D4B3DD779078F0D82E26C25DE4201D657616CB83462C2DF9DA8AE2421F
sha3_384: 4efa297c22e6bdf184c2e94e0dd3e19713f2c178a7382fceec7739444c9aed908a801181e550d57a1a7872ce81bc7e53
ep_bytes: 558bec538b5d08568b750c578b7d1085
timestamp: 2009-03-18 14:15:10

Version Info:
0: [No Data]

DDoS:Win32/Nitol!pz also known as:

Bkav	W32.Common.8C7D37FB
Lionic	Trojan.Win32.Agent.kZeW
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Ursu.936501
ClamAV	Win.Trojan.Killav-513
FireEye	Generic.mg.a1ad00e84d0d363f
Skyhigh	BehavesLike.Win32.Ransomware.mm
McAfee	ProcKill-ER.a
Cylance	unsafe
Zillya	Dropper.Killav.Win32.74
Sangfor	Suspicious.Win32.Save.ins
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Worm:Win32/Ranky.a27b8136
K7GW	P2PWorm ( 0055e3e51 )
K7AntiVirus	P2PWorm ( 0055e3e51 )
Baidu	Win32.Rootkit.Agent.ad
VirIT	Trojan.Win32.KillAV.WI
Symantec	Trojan.KillAV
ESET-NOD32	Win32/AutoRun.Agent.EU
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	Trojan-Proxy.Win32.Ranky.peg
BitDefender	Gen:Variant.Ursu.936501
NANO-Antivirus	Trojan.Win32.KillAV.ibxg
ViRobot	Dropper.KillAV.26480
Avast	Win32:KillAV-LO [Trj]
Tencent	Malware.Win32.Gencirc.115a5880
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/Spy.Gen
DrWeb	Trojan.AVKill.24416
VIPRE	Gen:Variant.Ursu.936501
TrendMicro	TROJ_DOGKILL.SMI
Emsisoft	Gen:Variant.Ursu.936501 (B)
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Ursu.936501
Jiangmin	TrojanDropper.q
Webroot	W32.KillAV.Gen
Google	Detected
Avira	TR/Spy.Gen
Antiy-AVL	Trojan[Dropper]/Win32.Killav
Kingsoft	malware.kb.a.998
Xcitium	TrojWare.Win32.Magania.~E@f80uw
Arcabit	Trojan.Ursu.DE4A35
ZoneAlarm	Trojan-Proxy.Win32.Ranky.peg
Microsoft	DDoS:Win32/Nitol!pz
Varist	W32/SYStroj.R.gen!Eldorado
AhnLab-V3	Trojan/Win32.KillAV.R7988
VBA32	TScope.Malware-Cryptor.SB
ALYac	Gen:Variant.Ursu.936501
MAX	malware (ai score=100)
Panda	Trj/KillAV.FJ
TrendMicro-HouseCall	TROJ_DOGKILL.SMI
Rising	Rootkit.AntiAV!1.67CC (CLASSIC)
Yandex	Trojan.GenAsa!8rfTCzi2kDo
Ikarus	Virus.Win32.Agent.BQC
MaxSecure	Trojan.Malware.9361.susgen
Fortinet	W32/SillyFDC.CZ
BitDefenderTheta	Gen:NN.ZedlaF.36744.bu4@aa9uPWbb
AVG	Win32:KillAV-LO [Trj]
DeepInstinct	MALICIOUS

How to remove DDoS:Win32/Nitol!pz?

DDoS:Win32/Nitol!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X