AS.EXE is trojan LockScreen

I will tell you in this post how to fix the issue manually and how to clean it automatically using a special powerful removal tool. You can download the removal program for free here:

The file AS.EXE is malware related.
You must delete the file AS.EXE immediately!
Delete the file AS.EXE without delay!
Kill the process AS.EXE and remove AS.EXE from the Windows startup.

Malware Analysis of AS.EXE
Full path on a computer: %WinDir%\Temp\as.exe

Detected by RegRun Warrior:

Item Name: userinit.exe
Author: Gusto Hubs
Related File: %WinDir%\TEMP\AS.EXE
Type: Image Executions Debugger

Item Name: s5ch0st
Author:
Related File: %WinDir%\TEMP\AS.EXE
Type: Registry Run

Removal Results: Success
Number of reboot: 1

AS.EXE is known as:

Backdoor.ZAccess, Trojan.DoubleEagle, Trojan.LockScreen

AS.EXE hash:

  • MD5: 4824c51bd9d5027cd84f83016601a0e9
  • SHA1: 70f72ff0751263b9e8faf1b94c27ba52cb9325a3
How to quickly detect AS.EXE presence? 

Registry:
  • HKLM\Software\Microsoft\Windows\CurrentVersion\Run\s5ch0st: “%WinDir%\Temp\as.exe”
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\s5ch0st: “%WinDir%\Temp\as.exe”
Files:
  • %WinDir%\Temp\as.exe


I use UnHackMe for cleaning ads and viruses from my friend's computers, because it is extremely fast and effective.




1. Download UnHackMe for free

UnHackMe removes Adware/Spyware/Unwanted Programs/Browser Hijackers/Search Redirectors from your PC easily.

Free Download

UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10 32 or 64-bit. UnHackMe uses minimum of computer resources.

2. Double click on UnHackMe_setup.exe

You will see a confirmation screen with verified publisher: Greatis Software. Verified Publisher Greatis Software

Once UnHackMe has installed has installed the first Scan will start automatically

Review the detected threats

3. Carefully review the detected threats!

Click Remove button or False Positive.

Enjoy!