GWIND.EXE is BackDoor Ddoser

July 5, 2012 by NightWatcher
Filed under: Backdoor 
: Solved!

Fix it immediately:

The program GWIND.EXE is used for hidden penetration into PC and its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with GWIND.EXE.
Download for free: http://www.unhackme.com

Malware Analysis of GWIND.EXE
Full path on a computer: c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\gwind.exe

Detected by UnHackMe:

GWIND.EXE
Default location: c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\gwind.exe

Removal Results: Success
Number of reboot: 1

GWIND.EXE is known as:

BackDoor.Ddoser, Backdoor.Azbreg

GWIND.EXE hash:

  • MD5: 65dfcfe7988418e7b7eb084c96051b92
How to quickly detect GWIND.EXE presence?

Files:
  • c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
  • c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\gwind.exe


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Tags: Backdoor, Ddoser, GWIND.EXE

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.