I8TBKYHAU7.EXE is Trojan Wigon

June 5, 2012 by NightWatcher
Filed under: Malware 
: Solved!

Fix it immediately:

We checked up the file I8TBKYHAU7.EXE and found it hazardous.
The file I8TBKYHAU7.EXE must be deleted from the system immediately.
Kill the process I8TBKYHAU7.EXE and remove I8TBKYHAU7.EXE from the Windows startup.

Malware Analysis of I8TBKYHAU7.EXE
Full path on a computer: %UserProfile%\i8tbkyhau7.exe

Detected by UnHackMe:

I8TBKYHAU7.EXE
Default location: %UserProfile%\i8tbkyhau7.exe

Removal Results: Success
Number of reboot: 1

I8TBKYHAU7.EXE is known as:

Trojan.Wigon, Trojan.Jorik.Totem, Backdoor.Bulknet, Trojan.Cutwail

I8TBKYHAU7.EXE hash:

  • MD5: 1bde4bbaf5b4d86fa86e8c2875ee5814
How to quickly detect I8TBKYHAU7.EXE presence?

Registry:
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\i8tbkyhau7: “%UserProfile%\i8tbkyhau7.exe”
Files:
  • %UserProfile%\i8tbkyhau7.exe


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Tags: I8TBKYHAU7.EXE, Trojan, Wigon

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.