PORNOCHAT.EXE is Worm Heyya
Is the file PORNOCHAT.EXE located on your computer? Then your computer is infected.
We do suggest you should remove PORNOCHAT.EXE from your computer as soon as possible.
PORNOCHAT.EXE is Trojan/Backdoor.
Kill the process PORNOCHAT.EXE and remove PORNOCHAT.EXE from the Windows startup.
Malware Analysis of PORNOCHAT.EXE
Full path on a computer: %WinDir%\PornoChat.exe
Detected by UnHackMe:
PORNOCHAT.EXE
Default location: %WinDir%\PornoChat.exe
Removal Results: Success
Number of reboot: 1
PORNOCHAT.EXE is known as:
Worm.Heyya
PORNOCHAT.EXE hash:
- MD5: 1391ae359bcc289468dde43885bc2147
How to quickly detect PORNOCHAT.EXE presence?
Registry:
Folders:
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\MicrosoftOE: 43 3A 5C 57 49 4E 44 4F 57 53 5C 50 6F 72 6E 6F 43 68 61 74 2E 65 78 65 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4D 69 63 72 6F 73 6F 66 74 4F 45 00
Folders:- %Common Appdata%\Microsoft\Dr Watson
Files:- %Temp%\7183_appcompat.txt
- %Temp%\7F32.dmp
- %SysDir%\napster.exe
- %WinDir%\PornoChat.exe
- C:\InflunzaSystemCryptoLab.exe
- C:\mail.tmp
- C:\NewFilmMATRIX2.scr
Recommended: UnHackMe anti-rootkit and anti-malware
Premium software: RegRun Security Suite (Good choice for removal and protection)
