Solved! Use ZMDPMG.EXE (Backdoor Nitol) Removal Guide

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

ZMDPMG.EXE – Backdoor Nitol removal

FileMD5Virus Alias
ZMDPMG.EXE 0157176b3065b4be1d399508c4ff8420 Backdoor Nitol
ZMDPMG.EXE 0157176b3065b4be1d399508c4ff8420 Trojan SuspiciousFile
ZMDPMG.EXE 0157176b3065b4be1d399508c4ff8420 Trojan Artemis
ZMDPMG.EXE 0157176b3065b4be1d399508c4ff8420 Trojan Agent
ZMDPMG.EXE 0157176b3065b4be1d399508c4ff8420 Backdoor Farfli

ZMDPMG.EXE size: 21504 bytes
ZMDPMG.EXE hash: 0157176B3065B4BE1D399508C4FF8420

Created files:

%SysDir%\hra33.dll
%WinDir%\zmdpmg.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\hsgj\Type: 10010000
HKLM\System\CurrentControlSet\Services\hsgj\Start: 02000000
HKLM\System\CurrentControlSet\Services\hsgj\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\hsgj\DisplayName: gcafg
HKLM\System\CurrentControlSet\Services\hsgj\ImagePath: %WinDir%\zmdpmg.exe
HKLM\System\CurrentControlSet\Services\hsgj\Description: gasdfhg

Detected by UnHackMe:

ZMDPMG.EXE
Default location: %WinDir%\ZMDPMG.EXE

Dropper information:
MD5: 0157176b3065b4be1d399508c4ff8420
File size: 21504 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images