The file EXCEPTIONFILTER.EXE is identified as the Trojan Program that is used for stealing bank information and users passwords.
To delete EXCEPTIONFILTER.EXE we suggest you should use UnHackMe:
http://www.unhackme.com
Malware Analysis of EXCEPTIONFILTER.EXE
Full path on a computer: %Appdata%\Waxter\exceptionfilter.exe
Detected by UnHackMe:
EXCEPTIONFILTER.EXE
Default location: %Appdata%\Waxter\exceptionfilter.exe
Removal Results: Success
Number of reboot: 1
EXCEPTIONFILTER.EXE is known as:
Trojan.Comroki, Trojan.Bitminer, Trojan ( 00492be71 ), Trojan.Reconyc.baw, Trojan.Inject.B59lkAsRefI, Trojan.BtcMine.269, Trojan.Reconyc, Troj.Reconyc.b.(kcloud), W32.Trojan.RIQU-2004, Win32.CoinMiner.IX, Trojan.Reconyc.AnP, W32.Reconyc.BAW.tr, Win32.Trojan.251
EXCEPTIONFILTER.EXE hash:
- MD5: ee9ae36795c9635e7eef4bb93329f9d4
How to quickly detect EXCEPTIONFILTER.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Exception Filter: “%Appdata%\Waxter\exceptionfilter.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\Microsoft Windows Exception Filter: “%Appdata%\Waxter\exceptionfilter.exe”
Folders:- %Appdata%\Waxter
Files:- %Appdata%\Waxter\exceptionfilter.exe
- %Appdata%\Waxter\mnid.txt
- %Appdata%\Waxter\svchost.exe
- %Temp%\257AB.dmp
- %Temp%\c49_appcompat.txt