WINHE804.EXE is Trojan Yoddos

Is the file WINHE804.EXE located on your computer? Then your computer is infected.
We do suggest you should remove WINHE804.EXE from your computer as soon as possible.
WINHE804.EXE is Trojan/Backdoor.
Kill the process WINHE804.EXE and remove WINHE804.EXE from the Windows startup.

Malware Analysis of WINHE804.EXE
Full path on a computer: %SysDir%\WinHe804.exe

Detected by UnHackMe:

Default location: %SysDir%\WinHe804.exe

Will you remove it?
0 0

Download Removal Tool for Free

Removal Results: Success
Number of reboot: 1

WINHE804.EXE is known as:


WINHE804.EXE hash:

  • MD5: cd7bc2189edaa6a08893b40eea0a8f0e
The file tries to connect to the dangerous web site.
How to quickly detect WINHE804.EXE presence?

  • HKLM\System\CurrentControlSet\Enum\Root\LEGACY_WIN804\0000\Service: “Win804″
  • HKLM\System\CurrentControlSet\Enum\Root\LEGACY_WIN804\0000\DeviceDesc: “Windows804″
  • HKLM\System\CurrentControlSet\Services\Win804\ImagePath: “%SysDir%\WinHe804.exe”
  • HKLM\System\CurrentControlSet\Services\Win804\DisplayName: “Windows804″
  • HKLM\System\CurrentControlSet\Services\Win804\Description: “Windows Help System for804″
  • %SysDir%\WinHe804.exe

I use UnHackMe for cleaning ads and viruses from my friend's computers, because it is extremely fast and effective.

STEP 1: Download UnHackMe for free

UnHackMe removes Adware/Spyware/Unwanted Programs/Browser Hijackers/Search Redirectors from your PC easily.

Free Download

UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10 32 or 64-bit. UnHackMe uses minimum of computer resources.

STEP 2: Double click on UnHackMe_setup.exe

You will see a confirmation screen with verified publisher: Greatis Software. Verified Publisher Greatis Software

Once UnHackMe has installed has installed the first Scan will start automatically

Review the detected threats

STEP 3: Carefully review the detected threats!

Click Remove button or False Positive.


3 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 53 votes, average: 5.00 out of 5 (3 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.