We checked up the file I75512J72.VBE and found it hazardous.
The file I75512J72.VBE must be deleted from the system immediately.
Kill the process I75512J72.VBE and remove I75512J72.VBE from the Windows startup.
Malware Analysis of I75512J72.VBE
Full path on a computer: %Profile%\PWKCN\I75512j72.vbe
Detected by UnHackMe:
Item Name: WindowsUpdate
Author:
Current Setting: %PROFILE%\PWKCN\I75512J72.VBE
Type: Registry Run
Removal Results: Success
Number of reboot: 1
I75512J72.VBE is known as:
Trojan.Script.Kryptik
I75512J72.VBE hash:
- MD5: fbc036cc3ccc844565ba2361c0b3cecd
How to quickly detect I75512J72.VBE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\WindowsUpdate: “%Profile%\PWKCN\I75512j72.vbe”
Folders:- %Profile%\PWKCN
Files:- %Profile%\PWKCN\AELBS
- %Profile%\PWKCN\I75512j72.vbe
- %Profile%\PWKCN\LATMV
- %Profile%\PWKCN\TMFES
- %Profile%\PWKCN\USWCX
- %Profile%\PWKCN\YMQGIX