The file ABSPROX.EXE is malware related.
You must delete the file ABSPROX.EXE immediately!
Delete the file ABSPROX.EXE without delay!
Kill the process ABSPROX.EXE and remove ABSPROX.EXE from the Windows startup.
Malware Analysis of ABSPROX.EXE
Full path on a computer: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412\absprox.exe
Detected by UnHackMe:
Item Name: shell
Author: Unknown
Related File: explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412\absprox.exe
Type: User Shell
Item Name: absprox
Author: Unknown
Related File: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412\ABSPROX.EXE
Type: Registry Run
Removal Results: Success
Number of reboot: 1
ABSPROX.EXE is known as:
Trojan.Gurl, W32.Trojan2.NWBR, Ircbrute.GX, Win32.Lethic.THCJaN, Trojan.Injector.XWZZ9oRWCPQ, Worm.Net-Kolab.68231, Troj.Agent-AAXV, TrojWare.Injector.BGJ, BackDoor.Gurl.2, Trojan.Agent.aaxv (v), Dropper-FED.5B8B0F0C7239, Backdoor.Azbreg.bqi, Trojan.Lethic.B, Trojan.Agent.Gen-Dropper, Trojan.HmBlocker, W32.Trojan.WLUI-7811, BScope.Backdoor.IRCBot.2122, Trj.Zbot.M, Win32.Injector.AEJX, Trojan.Ircbrute, W32.Injector.AEJX.tr
ABSPROX.EXE hash:
- MD5: 5b8b0f0c72394e7fb464bfd3708df61a
Registry:- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412\absprox.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\absprox: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412\absprox.exe”
- HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412\absprox.exe”
Folders:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412
Files:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412\absprox.exe
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-5826412\Desktop.ini