We checked the file WINRAR.EXE and found it hazardous.
The file WINRAR.EXE must be deleted from the system immediately.
Kill the process WINRAR.EXE and remove WINRAR.EXE from the Windows startup.
Malware Analysis of WINRAR.EXE
Full path on a computer: %Temp%\winrar.exe
Detected by UnHackMe:
Item Name: 1ce5c21bd74c042cdcd945e699c951c5
Related File: %TEMP%\WINRAR.EXE
Type: Registry Run
Item Name: 1ce5c21bd74c042cdcd945e699c951c5.exe
Related File: %STARTUP%\1CE5C21BD74C042CDCD945E699C951C5.EXE
Type: Startup Folder
Default location: %Temp%\winrar.exe
Removal Results: Success
Number of reboot: 1
WINRAR.EXE is known as:
Trojan.Bladabindi, Trojan.Zapchast, Trojan.Msil
- MD5: e1c333694696ac5788ae7f48bf9a8c22
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\1ce5c21bd74c042cdcd945e699c951c5: ""%Temp%\winrar.exe" .."
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\1ce5c21bd74c042cdcd945e699c951c5: ""%Temp%\winrar.exe" .."
I use UnHackMe for cleaning ads and viruses from my friend's computers, because it is extremely fast and effective.
STEP 1: Download UnHackMe for free
UnHackMe removes Adware/Spyware/Unwanted Programs/Browser Hijackers/Search Redirectors from your PC easily.
UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10 32 or 64-bit. UnHackMe uses a minimum of computer resources.
STEP 2: Double click on UnHackMe_setup.exe
You will see a confirmation screen with verified publisher: Greatis Software.
Once UnHackMe has installed, the first scan will start automatically.
STEP 3: Carefully review the detected threats!
Click the Remove button or False Positive.