Solved! Use ZOPBGQ.EXE (Backdoor Nitol) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

ZOPBGQ.EXE – Backdoor Nitol removal

FileMD5Virus Alias
ZOPBGQ.EXE c91fa5cb20101599e60f4e0caf96de04 Backdoor Nitol
ZOPBGQ.EXE c91fa5cb20101599e60f4e0caf96de04 Trojan Artemis
ZOPBGQ.EXE c91fa5cb20101599e60f4e0caf96de04 Trojan Generic
ZOPBGQ.EXE c91fa5cb20101599e60f4e0caf96de04 Trojan Eldorado
ZOPBGQ.EXE c91fa5cb20101599e60f4e0caf96de04 Backdoor RBot
ZOPBGQ.EXE c91fa5cb20101599e60f4e0caf96de04 Virus Part

ZOPBGQ.EXE size: 59392 bytes
ZOPBGQ.EXE hash: C91FA5CB20101599E60F4E0CAF96DE04

Created files:

%SysDir%\zopbgq.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Nationalwhb\Type: 10000000
HKLM\System\CurrentControlSet\Services\Nationalwhb\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationalwhb\DisplayName: Nationalxse Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationalwhb\ImagePath: %WinDir%\System32\zopbgq.exe
HKLM\System\CurrentControlSet\Services\Nationalwhb\Description: Providesojc a domain server for NI security.

Detected by UnHackMe:

ZOPBGQ.EXE
Default location: %SYSDIR%\ZOPBGQ.EXE

Dropper information:
MD5: c91fa5cb20101599e60f4e0caf96de04
File size: 59392 bytes

Leave a Reply