• Main Menu
  • g2mdlhlpx.exe


    The original g2mdlhlpx.exe is a part of Citrix GoToMeeting and GoToWebinar. Malware creators have copied this filename in an attempt to “hide” from PC owners and system administrators.

    Someone who has Citrix GoToMeeting or GoToWebinar installed does not have to worry about this process. However, if he/she does not have either of these Citrix products installed on his/her PC, he/she will have to clean this malware from the PC.

    The legitimate g2mdlhlpx.exe executable installs in the C:Documents and Settings%user account% folder. Rogue versions of this executable process are sometimes found in other locations such as C:WINDOWSjavag2mdlhlpx.exe.

    The rogue g2mdlhlpx.exe process is classified as a Trojan virus, while there are versions of this file proven to be spyware applications or malware processes. It has a size that never exceeds 60kbytes. This threat is installed unknowingly into a user’s PC through the Internet, particularly through anti-spyware pop-up advertisements.

    It has been reported that the file g2mdlhlpx.exe can also damage the Windows configuration, particularly with regards to the files’ boot up and config processes. Users who have encountered this threat reported that their browsers started redirecting them to certain network addresses. This led to the total corruption of most of these infected computers. This process also appears to be capable of disabling Windows firewall and automatic updates. The Windows OS versions that this malicious file can infect include:

    • Windows 98
    • Windows 95
    • Windows XP
    • Windows Me
    • Windows NT
    • Windows 2000

    Got Something To Say:

    Your email address will not be published. Required fields are marked *

    5 comments
    1. coucou

      22 December, 2011 at 8:20 pm

      hello, this malware infected my computer, my os is Windows 7

      Reply
    2. John C

      4 September, 2011 at 8:43 pm

      All I can say is what incompetent boob would use the users profile directory to run applications from.  A executable file located in the users profile directory is a red flag and you should verify the file before continuing.  

      Despite what the above article states you should submit the file to VirusTotal as an added measure to insure the file does not contain a virus.

      A competent programmer will not install and execute an application from users profile dir.
       

      Reply
      • Jon

        19 May, 2013 at 8:01 am

        The text states that the legitimate exe for Citrix installs to the user directory

        Reply
    3. jb

      28 December, 2010 at 10:23 pm

      Re “never exceeds 60kbytes.” Please clarify.
      Does this mean that mine (71kb) is legitimate or not?

      Reply
    4. Joanne

      25 August, 2010 at 11:12 am

      THANKYOU this is the best and most complete answer I have ever gotten or a malware problem. I have the g2mtg file because I need it. Other sites would have removed the file and it would have created major problems for me.

      Reply
    Malware
    203 queries in 0.459 seconds.