Remove KONKSOLEX.EXE malware
KONKSOLEX.EXE Malware Removal Guide
Manual removal instructions:
Antivirus Report of KONKSOLEX.EXE:
konksolex.exe
Full path on a computer: %COMMON APPDATA%\KONKSOLEX\KONKSOLEX.EXE
Autostart registry keys:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Konksolex.exe
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Konksolex.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Konksolex.exe\GlobalFlag: 0x00000200
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Konksolex.exe\IgnoreSelfExits: 0x00000001
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\KONKSOLEX.EXE\MONITORPROCESS: "%COMMON APPDATA%\WINDOWS MONITOR\MONITOR.EXE %I DEVICEID=1BED8369-5481-99B3-CBE2-0AEF52719B95 CHANNELID=10 DISTRIBUTER=APSFTUTO4PC PROCESSNAME=KONKSOLEX.EXE STATSADDRESS=HTTP://STATS.IJNEWHB.COM/STATISTICSSERVICE.SVC/V1/JSON/LOGEVENT"
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Konksolex.exe\ReportingMode: 0x00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\KONKSOLEX\IMAGEPATH: "%COMMON APPDATA%\\KONKSOLEX\\KONKSOLEX.EXE SHUZ -F "%COMMON APPDATA%\\KONKSOLEX\\KONKSOLEX.DAT" -L -A"
Related Files:
%COMMON APPDATA%\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SYSTEM HEALER\LAUNCH SYSTEM HEALER.LNK
%COMMON APPDATA%\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SYSTEM HEALER\SYSTEM HEALER ON THE WEB.URL
%COMMON APPDATA%\MICROSOFT\WINDOWS\WER\REPORTARCHIVE\APPCRASH_KONKSOLEX.EXE_59DFC7D3AAF8D519C652B3110DE619EDC11AB_B58F2DA5_0BC396F2\REPORT.WER
%COMMON APPDATA%\MICROSOFT\WINDOWS\WER\REPORTARCHIVE\APPCRASH_KONKSOLEX.EXE_59DFC7D3AAF8D519C652B3110DE619EDC11AB_B58F2DA5_14249A39\REPORT.WER
%COMMON APPDATA%\MICROSOFT\WINDOWS\WER\REPORTARCHIVE\APPCRASH_TAMPSTRING.EXE_8C9472778633CFCEFC833F8673B5C97B54ED8F_409617FD_0BC39BF3\REPORT.WER
KONKSOLEX.EXE is reported and classified as malicious program (malware).
KONKSOLEX.EXE actively resists detection and employs a number of techniques to ensure that you cannot remove KONKSOLEX.EXE from infected computers.
Phishing is the most common way for malware to infect computers.
It could be a fake email message that appears to be originated from Microsoft Customer Service, eBay, PayPal, Amazon, or even your bank or insurance company.
Fake emails that appear to come from the police, the FBI and other government entities were also reported.
KONKSOLEX.EXE could also infect your computer by exploiting a security vulnerability of your Web browser or one of its plugins.
If this is the case, KONKSOLEX.EXE would be injected into a Web page, and could get to your PC when you visited a malicious or hacked Web site.
KONKSOLEX.EXE can be distributed with legitimate software that is repackaged by the scammers.
It could be downloaded from warez Web sites or download archives.
KONKSOLEX.EXE works in background. It does not appear as a window, does not have a shortcut.
KONKSOLEX.EXE hides its existence from your eyes.
It may not be easy!
Be careful!
Make a full backup of your PC before starting.
KONKSOLEX.EXE | Malware |
KONKSOLEX.EXE | Dangerous |
KONKSOLEX.EXE | High Risk |
Autostart registry keys:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Konksolex.exe
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Konksolex.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Konksolex.exe\GlobalFlag: 0x00000200
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Konksolex.exe\IgnoreSelfExits: 0x00000001
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\KONKSOLEX.EXE\MONITORPROCESS: "%COMMON APPDATA%\WINDOWS MONITOR\MONITOR.EXE %I DEVICEID=1BED8369-5481-99B3-CBE2-0AEF52719B95 CHANNELID=10 DISTRIBUTER=APSFTUTO4PC PROCESSNAME=KONKSOLEX.EXE STATSADDRESS=HTTP://STATS.IJNEWHB.COM/STATISTICSSERVICE.SVC/V1/JSON/LOGEVENT"
HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SilentProcessExit\Konksolex.exe\ReportingMode: 0x00000001
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\KONKSOLEX\IMAGEPATH: "%COMMON APPDATA%\\KONKSOLEX\\KONKSOLEX.EXE SHUZ -F "%COMMON APPDATA%\\KONKSOLEX\\KONKSOLEX.DAT" -L -A"
Related Files:
%COMMON APPDATA%\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SYSTEM HEALER\LAUNCH SYSTEM HEALER.LNK
%COMMON APPDATA%\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SYSTEM HEALER\SYSTEM HEALER ON THE WEB.URL
%COMMON APPDATA%\MICROSOFT\WINDOWS\WER\REPORTARCHIVE\APPCRASH_KONKSOLEX.EXE_59DFC7D3AAF8D519C652B3110DE619EDC11AB_B58F2DA5_0BC396F2\REPORT.WER
%COMMON APPDATA%\MICROSOFT\WINDOWS\WER\REPORTARCHIVE\APPCRASH_KONKSOLEX.EXE_59DFC7D3AAF8D519C652B3110DE619EDC11AB_B58F2DA5_14249A39\REPORT.WER
%COMMON APPDATA%\MICROSOFT\WINDOWS\WER\REPORTARCHIVE\APPCRASH_TAMPSTRING.EXE_8C9472778633CFCEFC833F8673B5C97B54ED8F_409617FD_0BC39BF3\REPORT.WER
What is KONKSOLEX.EXE?
KONKSOLEX.EXE is reported and classified as malicious program (malware).
KONKSOLEX.EXE actively resists detection and employs a number of techniques to ensure that you cannot remove KONKSOLEX.EXE from infected computers.
How KONKSOLEX.EXE got on your computer?
Phishing is the most common way for malware to infect computers.
It could be a fake email message that appears to be originated from Microsoft Customer Service, eBay, PayPal, Amazon, or even your bank or insurance company.
Fake emails that appear to come from the police, the FBI and other government entities were also reported.
KONKSOLEX.EXE could also infect your computer by exploiting a security vulnerability of your Web browser or one of its plugins.
If this is the case, KONKSOLEX.EXE would be injected into a Web page, and could get to your PC when you visited a malicious or hacked Web site.
KONKSOLEX.EXE can be distributed with legitimate software that is repackaged by the scammers.
It could be downloaded from warez Web sites or download archives.
How do you know you have KONKSOLEX.EXE on my computer?
KONKSOLEX.EXE works in background. It does not appear as a window, does not have a shortcut.
KONKSOLEX.EXE hides its existence from your eyes.
How to remove KONKSOLEX.EXE?
It may not be easy!
Be careful!
Make a full backup of your PC before starting.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.