We received the file NETWORKWIDGET.EXE and detected that NETWORKWIDGET.EXE is not good.
NETWORKWIDGET.EXE is Adware. You should remove the file NETWORKWIDGET.EXE.
Kill the process NETWORKWIDGET.EXE and remove NETWORKWIDGET.EXE from Windows.
Malware Analysis of NETWORKWIDGET.EXE
Full path on a computer: %Common Appdata%\NetworkWidget\NetworkWidget.exe
Detected by UnHackMe:
NETWORKWIDGET.EXE
Default location: %Common Appdata%\NetworkWidget\NetworkWidget.exe
Removal Results: Success
Number of reboot: 1
NETWORKWIDGET.EXE is known as:
Adware.Agent.288336, a variant of Win32.Adware.Kraddare.HL
NETWORKWIDGET.EXE hash:
- MD5: fca058cda3b6ca61afbbdab6ffac5cf8
How to quickly detect NETWORKWIDGET.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\NetworkWidget: “%Common Appdata%\NetworkWidget\NetworkWidget.exe”
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 0B 00 00 00 00 00 18 00 FD 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\Type: 0×00000010
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\Start: 0×00000002
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\ErrorControl: 0×00000001
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\ImagePath: “%Common Appdata%\NetworkWidget\NetworkWidgetService.exe”
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\DisplayName: “NetworkWidgetService”
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\DependOnService: ‘RPCSS’
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\DependOnGroup: 00
- HKLM\System\CurrentControlSet\Services\NetworkWidgetService\ObjectName: “LocalSystem”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\NetworkWidget: “”%Common Appdata%\NetworkWidget\NetworkWidget.exe”"
- HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\NetworkWidget\UninstallString: “”%Common Appdata%\NetworkWidget\NetworkWidget.exe” -uninstall”
- HKLM\System\CurrentControlSet\Services\BITS\Start: 0×00000003
Folders:- %Common Appdata%\NetworkWidget
Files:- %Common Appdata%\NetworkWidget\NetworkWidget.exe
- %Common Appdata%\NetworkWidget\NetworkWidgetService.exe