I will tell you in this post how to fix the issue manually and how to clean it automatically using a special powerful removal tool. You can download the removal program for free here: is unknown, probably legitimate.
If the file is located on your computer, download UnHackMe for free to fix the problem with

Malware Analysis of
Executed: C:\sand-box\update.exe

How to quickly detect malware presence?

Will you remove it?
0 0

Download Removal Tool for Free

People say

Visitor post


Antivirus Version Last Update Result
F-Secure 9.0.16440.0 2011.05.11 -
Kaspersky 2011.05.11 HEUR:Trojan-Downloader.Win32.Generic
Microsoft 1.6802 2011.05.11 -
NOD32 6112 2011.05.11 -


MD5 b170652795284a0dda31e3c4034a7a55

SHA1 fa2628be5702d81a0785f2440b453318f35d9146

SHA256 ce48f153b86cca5d3d688f74e49bcdc9b790b9f458f2ad1d070b940b3d208313


When the program is executed, it creates the following registry subkeys and values:

Values added:1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\GlobalUserOffline: 0×00000000

Files added:7
C:\Documents and Settings\Administrator\Local Settings\Temp\down2.txt

Total changes:8

Recommended software:
UnHackMe anti-rootkit and anti-malware
RegRun Security Suite (Good choice for removal and protection)

I use UnHackMe for cleaning ads and viruses from my friend's computers, because it is extremely fast and effective.

STEP 1: Download UnHackMe for free

UnHackMe removes Adware/Spyware/Unwanted Programs/Browser Hijackers/Search Redirectors from your PC easily.

Free Download

UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10 32 or 64-bit. UnHackMe uses minimum of computer resources.

STEP 2: Double click on UnHackMe_setup.exe

You will see a confirmation screen with verified publisher: Greatis Software. Verified Publisher Greatis Software

Once UnHackMe has installed the first Scan will start automatically

Review the detected threats

STEP 3: Carefully review the detected threats!

Click Remove button or False Positive.


2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5)
You need to be a registered member to rate this.