The file E2YA1401.EXE is malware-related.
You must delete the file E2YA1401.EXE immediately!
Kill the process E2YA1401.EXE and remove E2YA1401.EXE from the Windows startup.
Malware Analysis of E2YA1401.EXE
Full path on a computer: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1222719\e2ya1401.exe
Detected by UnHackMe:
E2YA1401.EXE
Default location: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1222719\e2ya1401.exe
Removal Results: Success
Number of reboots: 1
E2YA1401.EXE is known as:
Trojan.Gurl, W32.Trojan2.NWBR, Ircbrute.GX, Win32.Lethic.THCJaN, Trojan.Injector.XWZZ9oRWCPQ, Trojan.Agent.Gen-Dropper, Troj.Agent-AAXV, TrojWare.Injector.BGJ, BackDoor.Gurl.2, Trojan.Agent.aaxv (v), Backdoor.Azbreg.bqi, Troj.Undef.(kcloud), Trojan.Lethic.B, Worm.Net-Kolab.68231, Trojan.HmBlocker, W32.Trojan.WLUI-7811, BScope.Backdoor.IRCBot.2122, Win32.Injector.AEJX, Trojan.Ircbrute, W32.Injector.AEJX.tr, Trj.Zbot.M
E2YA1401.EXE hash:
- MD5: 78e35cb029f259f333a1084a35152d1d
How to quickly detect the presence of E2YA1401.EXE?
Registry:
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1222719\e2ya1401.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\e2yaa41: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1222719\e2ya1401.exe”
- HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1222719\e2ya1401.exe”
Folders:
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1222719
Files:
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1222719\Desktop.ini
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1222719\e2ya1401.exe