LED.EXE is Worm Fagled
The file LED.EXE is a computer worm.
The worm LED.EXE is a self-replicating malicious program,
which uses a computer network to send copies of itself to other computers.
You must fix the LED.EXE problem as soon as possible!
Delete the file LED.EXE from all infected computers in your network.
Set up your network firewall against LED.EXE intervention.
Malware Analysis of LED.EXE
Full path on a computer: %WinDir%\led.exe
Detected by UnHackMe:
LED.EXE
Default location: %WinDir%\led.exe
Removal Results: Success
Number of reboot: 1
LED.EXE is known as:
Worm.Fagled
LED.EXE hash:
- MD5: 10054a7dbf9b5aa10eab59d2005c330f
How to quickly detect LED.EXE presence?
Registry:
Folders:
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\W32/LED: “C:\windows\led.exe”
Folders:- %AppData%\Microsoft\Outlook
- %Local Appdata%\Microsoft\FORMS
- %Local Appdata%\Microsoft\Outlook
- %Temp%\outlook logging
Files:- %AppData%\Microsoft\Outlook\outitems.log
- %Local Appdata%\Microsoft\FORMS\FRMCACHE.DAT
- %Program Files%\Microsoft Office\OFFICE11\AccessWeb\ienet.exe
- %Program Files%\VMware\VMware Tools\Guest SDK\vmGuestLibJava\doc\ienet.exe
- %Program Files%\VMware\VMware Tools\help\wwhelp\wwhimpl\common\html\ienet.exe
- %Program Files%\VMware\VMware Tools\help\ienet.exe
- %SysDir%\wbem\AutoRecover\8858F1BA0D460E5A5B27AB13DE3ACB5D.mof
- %WinDir%\Web\printers\ienet.exe
- %WinDir%\led.exe
- C:\xirtaM.txt
Recommended: UnHackMe anti-rootkit and anti-malware
Premium software: RegRun Security Suite (Good choice for removal and protection)
