{"id":13372,"date":"2012-07-04T09:56:44","date_gmt":"2012-07-04T05:56:44","guid":{"rendered":"http:\/\/greatis.com\/blog\/how-to-remove-malware\/xvidse1-exe.htm"},"modified":"2012-07-04T09:56:44","modified_gmt":"2012-07-04T05:56:44","slug":"xvidse1-exe","status":"publish","type":"post","link":"https:\/\/greatis.com\/blog\/adware\/xvidse1-exe.htm","title":{"rendered":"XVIDSE~1.EXE is Adware Clkpotato"},"content":{"rendered":"<div class=\"wpInsert wpInsertInPostMy wpInsertAbove\" style=\"padding: 0px;\"><\/div><p class=\"sign\">We received the file <b>XVIDSE~1.EXE<\/b> and detected that <b>XVIDSE~1.EXE<\/b> is not good.<br \/>\n<b>XVIDSE~1.EXE<\/b> is Adware. You should remove the file <b>XVIDSE~1.EXE<\/b>.<br \/>\nKill the process <b>XVIDSE~1.EXE<\/b> and remove <b>XVIDSE~1.EXE<\/b> from Windows.<\/p>\n<h2>Malware Analysis of XVIDSE~1.EXE<br \/>\nFull path on a computer: %Temp%\\IXP000.TMP\\XVIDSE~1.EXE<\/h2>\n<div id=\"alist\">\n<h3>Detected by <a href=\"http:\/\/www.unhackme.com\">UnHackMe<\/a>:<\/h3>\n<p><b>XVIDSE~1.EXE<\/b><br \/>\nDefault location: %Temp%\\IXP000.TMP\\XVIDSE~1.EXE<\/p>\n<h3>Removal Results: Success<br \/>\nNumber of reboot: 1<\/h3>\n<\/div>\n<div id=\"blist\">\n<h3><strong>XVIDSE~1.EXE<\/strong>  is known as:<\/h3>\n<p>Adware.Clkpotato, Adware.Rugo, Adware.HotBar, Adware.ScreenSaver<\/p><div class=\"wpInsert wpInsertInPostMy wpInsertMiddle\"><\/div>\n<h3><strong>XVIDSE~1.EXE<\/strong> hash:<\/h3>\n<ul>\n<li>MD5: 8f626dac7801810ac12b5b56b93c9432\n<\/div>\n<div id=\"clist\">\nHow to quickly detect <strong>XVIDSE~1.EXE<\/strong> presence?<\/p>\n<div class=\"icon\"><img loading=\"lazy\" title=\"Registry\" src=\"\/blog\/wp-content\/themes\/revolution-code-blue\/images\/reg.gif\" width=\"32\" height=\"32\" \/>Registry:<\/div>\n<ul>\n<li>HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Wcxaxw: &#8220;%AppData%\\Wcxaxw.exe&#8221;\n<\/ul>\n<div class=\"icon\"><img loading=\"lazy\" title=\"Files\" src=\"\/blog\/wp-content\/themes\/revolution-code-blue\/images\/files.gif\" width=\"32\" height=\"32\" \/>Files:<\/div>\n<ul>\n<li>%AppData%\\Wcxaxw.exe\n<li>%Temp%\\IXP000.TMP\\XVIDSE~1.EXE\n<li>%Temp%\\upg8.tmp\n<\/ul>\n<\/div>\n<p><!-- end --><\/p>\n<div class=\"wpInsert wpInsertInPostMy wpInsertBelow\" style=\"padding: 0px;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>We received the file XVIDSE~1.EXE and detected that XVIDSE~1.EXE is not good. XVIDSE~1.EXE is Adware. You should remove the file XVIDSE~1.EXE. Kill the process XVIDSE~1.EXE and remove XVIDSE~1.EXE from Windows. Malware Analysis of XVIDSE~1.EXE Full path on a computer: %Temp%\\IXP000.TMP\\XVIDSE~1.EXE Detected by UnHackMe: XVIDSE~1.EXE Default location: %Temp%\\IXP000.TMP\\XVIDSE~1.EXE Removal Results: Success Number of reboot: 1 XVIDSE~1.EXE [&hellip;]<br \/><a style=\"color: #42A2CE\" href=\"https:\/\/greatis.com\/blog\/adware\/xvidse1-exe.htm\"><u>More&#8230;<\/u><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1596],"tags":[94722,6570,6569],"_links":{"self":[{"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/posts\/13372"}],"collection":[{"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/comments?post=13372"}],"version-history":[{"count":0,"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/posts\/13372\/revisions"}],"wp:attachment":[{"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/media?parent=13372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/categories?post=13372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/greatis.com\/blog\/wp-json\/wp\/v2\/tags?post=13372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}