The file 12134901.EXE is malware related.
You must delete the file 12134901.EXE immediately!
Delete the file 12134901.EXE without delay!
Kill the process 12134901.EXE and remove 12134901.EXE from the Windows startup.
Malware Analysis of 12134901.EXE
Full path on a computer: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12319896\12134901.exe
Detected by UnHackMe:
12134901.EXE
Default location: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12319896\12134901.exe
Removal Results: Success
Number of reboot: 1
12134901.EXE is known as:
Trojan.Gurl, W32.Trojan2.NWBR, Ircbrute.GX, Win32.Lethic.THCJaN, Trojan.Injector.XWZZ9oRWCPQ, Trojan.Agent.Gen-Undef, TrojWare.Injector.BGJ, BackDoor.Gurl.2, Trojan.Agent.aaxv (v), Troj.Agent-AAXV, Backdoor.Azbreg.bqi, Worm[Net].Kolab, Troj.Undef.(kcloud), Trojan.Lethic.B, Worm.Net-Kolab.68231, W32.Trojan.WLUI-7811, Trojan.HmBlocker, BScope.Backdoor.IRCBot.2122, Trj.Zbot.M, Win32.Injector.AEJX, Trojan.Ircbrute, W32.Injector.AEJX.tr
12134901.EXE hash:
- MD5: 640705d77c09afa949d3841be8c7797c
Registry:- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12319896\12134901.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\12341901: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12319896\12134901.exe”
- HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12319896\12134901.exe”
Folders:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12319896
Files:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12319896\12134901.exe
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-12319896\Desktop.ini