I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
KB00931844.EXE – Trojan ZBot removal
File | MD5 | Virus Alias |
---|---|---|
KB00931844.EXE | 1d1bd0c3ac24de54f71125067c8c1ccf | Trojan ZBot |
KB00931844.EXE | 1d1bd0c3ac24de54f71125067c8c1ccf | Trojan Artemis |
KB00931844.EXE | 1d1bd0c3ac24de54f71125067c8c1ccf | Trojan Cridex |
KB00931844.EXE | 1d1bd0c3ac24de54f71125067c8c1ccf | Trojan Kryptik |
KB00931844.EXE size: 221184 bytes
KB00931844.EXE hash: 1D1BD0C3AC24DE54F71125067C8C1CCF
Created files:
%AppData%\KB00931844.exe
Detected by UnHackMe:
KB00931844.EXE
Default location: %APPDATA%\KB00931844.EXE
Dropper information:
MD5: 1d1bd0c3ac24de54f71125067c8c1ccf
File size: 221184 bytes
No, It depends where you got the file from. How do I know that? Well, this is/used to be an open-source software, not allowed to include malware, spyware, adware or anything similar, the developers are concerned and care about the utility.
If you got the file from this website: https://tuts4you.com/download.php?view.398 (tuts 4 you), the file is filled with Trojans and sure many others risks.
If you got the file from a website like this: peid.waxoo.com/ , the file is intrusion-free, no malware, no spyware, no adware, no viruses, clean.
Even knowing this, the utility called Obfuscator.C isn’t truly a risk, it’s flagged like one because it’s a deobfuscater tool and might be used for revealing code from many .exe and .dll files, this way If you know coding you can crack the antivirus and many other windows software (by example), a true risk for companies, they tremble when hearing about it.
Having knowledge about what this utility does, someone could have rewritten it and filled with security-risk coding. A great tool, a both-sides sharped edges knife.
In conclusion, download this utility from a website you are really sure you can trust in (by example the official page that is dead at this time). Don’t download it from websites filled with supposed software crack tools, lots of fake ads, links targeting to false downloads or simultaneous adfly-like sponsored pages.
Use the tool at your own risk, you have the power, be responsible of what you do (or you might do).
I agree with you.
It is false positive:
https://www.virustotal.com/en/file/e13171d50f45a79bc09b9e4b9ffa38eb02301aca94a1867a9bf8acccc3759030/analysis/