We checked some samples of SKYPE.LNK and detected the file SKYPE.LNK as threat.
Remove the SKYPE.LNK file from your computer right now.
Removal tool: http://www.unhackme.com
Malware Analysis of SKYPE.LNK
Full path on a computer: %Startup%\Skype.lnk
Detected by UnHackMe:
Item Name: Shell.exe
Author: Systemt
Related File: %APPDATA%\DEFENDER\SHELL.EXE
Type: Running Processes
Item Name: Skype.lnk
Author: Unknown
Related File: %APPDATA%\DEFENDER\USFT_EXT.EXE.VBS
Type: Startup Folder
Item Name: MACROMEDIA.EXE
Author: Systemt
Related File: %APPDATA%\DEFENDER\MACROMEDIA.EXE
Type: Multi AV Detected Files
Item Name: SHELL.EXE
Author: Systemt
Related File: %APPDATA%\DEFENDER\SHELL.EXE
Type: Multi AV Detected Files
Removal Results: Success
Number of reboot: 1
SKYPE.LNK is known as:
Trojan.BitCoinMiner.D, Trojan.BitCoinMiner.D (B), Trojan.BitCoinMiner
SKYPE.LNK hash:
- MD5: 6e3c9579677a36ddf86832d13a0e564c
The file tries to download information from some web sites.
How to quickly detect SKYPE.LNK presence?
![]( "Folders")
Folders:
![]( "Files")
Files:
Folders:- %Appdata%\Defender
Files:- %Appdata%\Defender\coinutil.dll
- %Appdata%\Defender\kill.bat
- %Appdata%\Defender\macromedia.exe
- %Appdata%\Defender\miner.dll
- %Appdata%\Defender\phatk.cl
- %Appdata%\Defender\phatk.ptx
- %Appdata%\Defender\put.vbs
- %Appdata%\Defender\Shell.exe
- %Appdata%\Defender\usft_ext.dll
- %Appdata%\Defender\usft_ext.exe.vbs
- %Recent%\Defender.lnk
- %Recent%\usft_ext.exe.lnk
- %Startup%\Skype.lnk