The file W68V12.EXE is malware related.
You must delete the file W68V12.EXE immediately!
Delete the file W68V12.EXE without delay!
Kill the process W68V12.EXE and remove W68V12.EXE from the Windows startup.
Malware Analysis of W68V12.EXE
Full path on a computer: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe
Detected by UnHackMe:
W68V12.EXE
Default location: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe
Removal Results: Success
Number of reboot: 1
W68V12.EXE is known as:
Trojan.Hoptto.A, W32.Hamweq.worm, Trojan.Agent, Trojan.Injector.aabq, Trojan.Jorik.bfdyup, W32.Trojan2.NUWN, W32.Pilleuz, Buzus.BNHN, Win32.Lethic.MH, Win.Trojan.Buzus-3318, Trojan.Jorik.Nrgbot.ene, Trojan.Injector.9cDRs0u35wg, Trojan.Agent.Gen-Dropper, TrojWare.Buzus.mtkr, TR.Agent.73728.31, Mal.EncPk-AIC, Trojan.Buzus.aryq, Troj.Buzus.mt.(kcloud), Trojan.Lethic.B, Trojan.A.Buzus.143872.A, Worm.Stekct, W32.Trojan.EXYH-6296, Trojan.Jorik.Nrgbot, Malware.Pilleuz.rem, Win32.Lethic.AA, Trojan.Lethic, W32.Jorik_Nrgbot.AA.tr, Trj.OCJ.A
W68V12.EXE hash:
- MD5: f599a4cd861fa3f21b11a54a126e071e
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\wi68: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe”
- HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe”
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\Desktop.ini
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-106669\w68v12.exe