HECISERVER.EXE – Worm Autoit

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

HECISERVER.EXE – Worm Autoit removal

FileMD5Virus Alias
HECISERVER.EXE 98ef34d12ec85a4e965df7210216574a Worm Autoit
HECISERVER.EXE 98ef34d12ec85a4e965df7210216574a Trojan Generic
HECISERVER.EXE 98ef34d12ec85a4e965df7210216574a Trojan Runner
HECISERVER.EXE 98ef34d12ec85a4e965df7210216574a Trojan Agent

HECISERVER.EXE size: 1628757 bytes
HECISERVER.EXE hash: 98EF34D12EC85A4E965DF7210216574A

Created files:

%AppData%\Microsoft\HeciServer.exe

Autostart registry keys:

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Microsoft(R) Delayed Launcher: 2500410070007000440061007400610025005C004D006900630072006F0073006F00660074005C0048006500630069005300650072007600650072002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft(R) Delayed Launcher: 2500410070007000440061007400610025005C004D006900630072006F0073006F00660074005C0048006500630069005300650072007600650072002E006500780065000000
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: %AppData%\Microsoft\HeciServer.exe,explorer.exe

Detected by UnHackMe:

HECISERVER.EXE
Default location: %APPDATA%\MICROSOFT\HECISERVER.EXE

Dropper information:
MD5: 98ef34d12ec85a4e965df7210216574a
File size: 1628757 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images