We checked up the file UTILNARA.EXE and found it hazardous.
The file UTILNARA.EXE must be deleted from the system immediately.
Kill the process UTILNARA.EXE and remove UTILNARA.EXE from the Windows startup.
Malware Analysis of UTILNARA.EXE
Full path on a computer: %Program Files%\utilnara\UtilNara.exe
Detected by UnHackMe:
UTILNARA.EXE
Default location: %Program Files%\utilnara\UtilNara.exe
Removal Results: Success
Number of reboot: 1
UTILNARA.EXE is known as:
Trojan.MalSign.FakeAV.c2e
UTILNARA.EXE hash:
- MD5: 3953db1c3579fcfa037fedc45c47f15b
The file tries to download information from some web sites.
How to quickly detect UTILNARA.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Classes\CLSID\{6E2A7226-3270-44E5-A913-43C137E522B0}\InprocServer32\: “%SysDir%\UTILNA~1.OCX”
- HKLM\Software\Classes\CLSID\{7B475590-7DC5-4D43-8243-A286725BA899}\InprocServer32\: “%SysDir%\UTILNA~1.OCX”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\utilnara: “”%Program Files%\utilnara\utilnaraupdate.exe” -r”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\utilnara\DisplayName: “UtilNara LauncherControl Uninstall”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\utilnara\UninstallString: “”%Program Files%\utilnara\Uninstall.exe”"
Folders:- %Program Files%\utilnara
Files:- %Program Files%\utilnara\Uninstall.exe
- %Program Files%\utilnara\UtilNara.exe
- %Program Files%\utilnara\utilnaraupdate.exe
- %SysDir%\utilnaralauncher.ocx
- %SysDir%\utilnara_dn.dll