We received the file WS.ENABLER.EXE and detected that WS.ENABLER.EXE is not good.
WS.ENABLER.EXE is Adware. You should remove the file WS.ENABLER.EXE.
Kill the process WS.ENABLER.EXE and remove WS.ENABLER.EXE from Windows.
Malware Analysis of WS.ENABLER.EXE
Full path on a computer: %Common Appdata%\SoftWarehouse\WS.Enabler\WS.Enabler.exe
Detected by UnHackMe:
WS.ENABLER.EXE
Default location: %Common Appdata%\SoftWarehouse\WS.Enabler\WS.Enabler.exe
Removal Results: Success
Number of reboot: 1
WS.ENABLER.EXE is known as:
Adware.PUP.Optional.MultiPlug.A, Trojan-Downloader ( 0048ec4f1 ), Trojan.Downloader.Agent.afd, Trojan.Agent.cojdgu, Win32:Agent-ASOC [Adw], Trojan-Downloader.Adload.dyhq, Trojan.S.Agent.729600.B, Troj.Agent-AFFX, TrojWare.TrojanDownloader.Agent.AFD, Trojan.DownLoad3.30962, TR.Downloader.A.988, TrojanDownloader.Adload.vxu, Trojan-Downloader.Agent.AU, W32.Trojan.IDAE-2984, TrojanDownloader.Adload, a variant of Win32.TrojanDownloader.Agent.AFD, W32.Agent.AFD.tr.dldr, Trojan.Agent.50, Win32.Trojan.Downloader.ec6
WS.ENABLER.EXE hash:
- MD5: 1d283dd3ae2312eee624e8b8c46f6adb
Registry:- HKLM\Software\Classes\CLSID\{E392E443-DF64-AB01-41EA-2EBE44D6186F}\InprocServer32\: “%Program Files%\GGrEatsaveR\oDHzI.dll”
- HKLM\Software\Classes\CLSID\{E9CF2511-9890-5ABD-C900-29150D40301D}\InprocServer32\: “%Program Files%\YoutubeAdblocker\pR.dll”
- HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\DisplayName: “WebSearch”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\7cebf206-f87c-4857-a002-c8371cdf7c83\UninstallString: “C:\DOCUME~1\ALLUSE~1\APPLIC~1\INSTAL~1\{7F231~1\Setup.exe /remove /q0″
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}\UninstallString: “”%Common Appdata%\YoutubeAdblocker\7pz.exe” /s /n /i:”ExecuteCommands;UninstallCommands” “”"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}\DisplayName: “YoutubeAdblocker”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{43c1b835}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\PROGRA~1\SSSUPP~1\ASSIST~1.DLL”,_uninstall /un”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{43c1b835}\DisplayName: “ss Supporter 1.80″
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}\UninstallString: “”%Common Appdata%\GGrEatsaveR\liukHg.exe” /s /n /i:”ExecuteCommands;UninstallCommands” “”"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}\DisplayName: “GGrEatsaveR”
- HKLM\System\CurrentControlSet\Services\43c1b835\ImagePath: “”%SysDir%\rundll32.exe” “c:\progra~1\sssupp~1\AssistantSvc.dll”,service”
- HKLM\System\CurrentControlSet\Services\43c1b835\DisplayName: “ss Supporter”
- HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\DisplayName: “WebSearch”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\progra~1\sssupp~1\assist~1.dll”
Folders:- %Program Files%\GGrEatsaveR
- %Program Files%\ss Supporter
- %Program Files%\YoutubeAdblocker
Files:- %Common Appdata%\SoftWarehouse\WS.Enabler\5222303344.ini
- %Common Appdata%\SoftWarehouse\WS.Enabler\WS.Enabler.exe
- %Program Files%\GGrEatsaveR\oDHzI.dat
- %Program Files%\GGrEatsaveR\oDHzI.dll
- %Program Files%\GGrEatsaveR\oDHzI.tlb
- %Program Files%\GGrEatsaveR\oDHzI.x64.dll
- %Program Files%\ss Supporter\Assistant.dll
- %Program Files%\ss Supporter\AssistantSvc.dll
- %Program Files%\YoutubeAdblocker\pR.dat
- %Program Files%\YoutubeAdblocker\pR.dll
- %Program Files%\YoutubeAdblocker\pR.tlb
- %Program Files%\YoutubeAdblocker\pR.x64.dll