The file STEAMWEBHELPER.EXE is identified as a virus dropper.
The dropper STEAMWEBHELPER.EXE is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
The file STEAMWEBHELPER.EXE loads into the computer memory and tries to connect to the dangerous web site.
Usually the STEAMWEBHELPER.EXE dropper does not infect the files on the computer and does not replicate itself on other computers.
Kill the STEAMWEBHELPER.EXE process and delete the file STEAMWEBHELPER.EXE.
Malware Analysis of STEAMWEBHELPER.EXE
Full path on a computer: %Appdata%\steamwebhelper2\steamwebhelper.exe
Detected by UnHackMe:
Default location: %Appdata%\steamwebhelper2\steamwebhelper.exe
Removal Results: Success
Number of reboot: 1
STEAMWEBHELPER.EXE is known as:
Trojan.Passwords.STM, Trojan.Agent.480943, Password-Stealer ( 004a05bc1 ), Trojan.Agent.Steam.dl, Trojan.DownLoader11.deijqe, Trojan.PWS.Steam.snYnfZUCXvU, Trojan.DownLoader11.28860, Trojan.Agent, Trojan.Agent.ahroc, Trojan.MSIL.Steam.BDL, a variant of MSIL.PSW.Steam.DL, Trojan.MSIL.PSW, MSIL.Steam.DL.tr.pws, Luhe.Fiha.A, Trj.Chgt.G
- MD5: d0e7e026c1f6e8a1a66801976215e6a6
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\steamwebhelper: “%Appdata%\steamwebhelper2\steamwebhelper.exe”
I use UnHackMe for cleaning ads and viruses from my friend's computers, because it is extremely fast and effective.
STEP 1: Download UnHackMe for freeUnHackMe removes Adware/Spyware/Unwanted Programs/Browser Hijackers/Search Redirectors from your PC easily.
UnHackMe is compatible with most antivirus software.
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10 32 or 64-bit. UnHackMe uses minimum of computer resources.
STEP 2: Double click on UnHackMe_setup.exeYou will see a confirmation screen with verified publisher: Greatis Software.
Once UnHackMe has installed the first Scan will start automatically
STEP 3: Carefully review the detected threats!Click Remove button or False Positive.