I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
HGZLGM.EXE – Backdoor Nitol removal
| File | MD5 | Virus Alias |
|---|---|---|
| HGZLGM.EXE | 2c1917403d113d83404f898ae71939d2 | Backdoor Nitol |
| HGZLGM.EXE | 2c1917403d113d83404f898ae71939d2 | Trojan Eldorado |
| HGZLGM.EXE | 2c1917403d113d83404f898ae71939d2 | Trojan Downloader |
| HGZLGM.EXE | 2c1917403d113d83404f898ae71939d2 | Trojan Graftor |
| HGZLGM.EXE | 2c1917403d113d83404f898ae71939d2 | Trojan Agent |
| HGZLGM.EXE | 2c1917403d113d83404f898ae71939d2 | Trojan Scar |
HGZLGM.EXE size: 49664 bytes
HGZLGM.EXE hash: 2C1917403D113D83404F898AE71939D2
Created files:
%WinDir%\svchoost.exe
%SysDir%\gei33.dll
%SysDir%\hgzlgm.exe
%Temp%\zhunquel.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run : 43003A005C00570049004E0044004F00570053005C0073007600630068006F006F00730074002E006500780065000000
HKLM\System\CurrentControlSet\Services\netscvre\Type: 10000000
HKLM\System\CurrentControlSet\Services\netscvre\Start: 02000000
HKLM\System\CurrentControlSet\Services\netscvre\DisplayName: NT LM Security Support Providers
HKLM\System\CurrentControlSet\Services\netscvre\ImagePath: %WinDir%\System32\hgzlgm.exe
HKLM\System\CurrentControlSet\Services\netscvre\Description: NT LM Security Support Providers
Detected by UnHackMe:
HGZLGM.EXE
Default location: %SYSDIR%\HGZLGM.EXE
Dropper information:
MD5: 64c1ca809f3bd60278231c983407309d
File size: 92160 bytes