The file W68V12.EXE is malware related.
You must delete the file W68V12.EXE immediately!
Delete the file W68V12.EXE without delay!
Kill the process W68V12.EXE and remove W68V12.EXE from the Windows startup.
Malware Analysis of W68V12.EXE
Full path on a computer: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe
Detected by UnHackMe:
W68V12.EXE
Default location: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe
Removal Results: Success
Number of reboot: 1
W68V12.EXE is known as:
Trojan.Hoptto.A, W32.Hamweq.worm, Trojan.Agent, Trojan.Injector.aabq, Trojan.Jorik.bfdyup, W32.Trojan2.NUWN, W32.Pilleuz, Buzus.BNHN, Win32.Lethic.MH, Win.Trojan.Buzus-3318, Trojan.Jorik.Nrgbot.ene, Trojan.Injector.9cDRs0u35wg, Trojan.Agent.Gen-Dropper, TrojWare.Buzus.mtkr, TR.Agent.73728.31, Mal.EncPk-AIC, Trojan.Buzus.aryq, Troj.Buzus.mt.(kcloud), Trojan.Lethic.B, Trojan.A.Buzus.143872.A, Worm.Stekct, W32.Trojan.EXYH-6296, Trojan.Jorik.Nrgbot, Malware.Pilleuz.rem, Win32.Lethic.AA, Trojan.Lethic, W32.Jorik_Nrgbot.AA.tr, Trj.OCJ.A
W68V12.EXE hash:
- MD5: f599a4cd861fa3f21b11a54a126e071e
Registry:- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\wi68: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe”
- HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe”
Folders:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669
Files:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\Desktop.ini
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe