KNYXI.EXE is Trojan Rimecud

July 11, 2012 by NightWatcher
Filed under: Malware: Solved!

Fix it immediately:

We checked the file KNYXI.EXE and found it to be hazardous.
The file KNYXI.EXE must be deleted from the system immediately.
Kill the KNYXI.EXE process and remove KNYXI.EXE from Windows startup.

Malware Analysis of KNYXI.EXE
Full path on a computer: C:\Users\test\knyxi.exe

Detected by UnHackMe:

Item Name: shell
Author: Unknown
Related File: explorer.exe,C:\Users\test\knyxi.exe
Type: User Shell

After first reboot detected by UnHackMe:

Item Name: shell
Author: Unknown
Related File: C:\Users\test\knyxi.exe,explorer.exe
Type: User Shell

Removal Results: Success
Number of reboots: 1

KNYXI.EXE is known as:

Trojan.Rimecud

KNYXI.EXE hash:

  • MD5: e71610ec6e4217f3f217dc06fbf1cfa0

How to quickly detect the presence of KNYXI.EXE?

Registry:
  • HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\Users\test\knyxi.exe”
Files:
  • C:\Users\test\knyxi.exe
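
The two indicators above can be checked together from a PowerShell prompt. The script below is an added example, not part of the original write-up or of UnHackMe: it reads the Winlogon Shell value, reports every entry other than explorer.exe (the page shows the extra entry both after and before explorer.exe), and compares the MD5 of any file found with the hash listed above. Checking HKLM as well as HKCU, and treating a bare explorer.exe as the expected value, are assumptions that go beyond what this page lists.

```powershell
# Added example: triage check for the indicators listed on this page.
$ExpectedShell = 'explorer.exe'                       # assumed clean Shell value
$ReportedPath  = 'C:\Users\test\knyxi.exe'            # path from this page (test machine)
$ReportedMd5   = 'e71610ec6e4217f3f217dc06fbf1cfa0'   # MD5 from this page

$WinlogonKeys = @(
    'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon',  # key named on this page
    'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'   # assumption: machine-wide key
)

# Files to hash: the reported path plus anything unexpected found in Shell.
$suspects = New-Object 'System.Collections.Generic.List[string]'
$suspects.Add($ReportedPath)

foreach ($key in $WinlogonKeys) {
    $shell = (Get-ItemProperty -Path $key -Name Shell -ErrorAction SilentlyContinue).Shell
    if (-not $shell) {
        Write-Output "$key : no Shell value set"
        continue
    }

    # Shell is a comma-separated list. Inspect every entry, not only the first,
    # because the order of the entries can change between reboots.
    $entries = $shell -split ',' |
        ForEach-Object { $_.Trim().Trim('"') } |
        Where-Object { $_ }

    foreach ($entry in $entries) {
        if ($entry -ieq $ExpectedShell) { continue }
        Write-Output "$key : unexpected Shell entry '$entry'"
        $suspects.Add([Environment]::ExpandEnvironmentVariables($entry))
    }
}

foreach ($path in ($suspects | Sort-Object -Unique)) {
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        Write-Output "not present: $path"
        continue
    }
    $md5    = (Get-FileHash -LiteralPath $path -Algorithm MD5).Hash.ToLower()
    $result = if ($md5 -eq $ReportedMd5) { 'matches the MD5 on this page' } else { 'different MD5' }
    Write-Output "$path : $md5 ($result)"
}
```

A file whose MD5 differs is not cleared by this check: any Shell entry other than explorer.exe still needs to be explained.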


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.
