We received the file WINDOWSTAB_MON.EXE and detected that WINDOWSTAB_MON.EXE is not good.
WINDOWSTAB_MON.EXE is Adware. You should remove the file WINDOWSTAB_MON.EXE.
Kill the process WINDOWSTAB_MON.EXE and remove WINDOWSTAB_MON.EXE from Windows.
Malware Analysis of WINDOWSTAB_MON.EXE
Full path on a computer: %Local Appdata%\windowstab\windowstab_mon.exe
Detected by UnHackMe:
WINDOWSTAB_MON.EXE
Default location: %Local Appdata%\windowstab\windowstab_mon.exe
Removal Results: Success
Number of reboot: 1
WINDOWSTAB_MON.EXE is known as:
Adware.WindowsTap
WINDOWSTAB_MON.EXE hash:
- MD5: c09432d13abe2e8e310bdb0a4b254591
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect WINDOWSTAB_MON.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\System\CurrentControlSet\Services\windowstab_mon\Type: 0×00000010
- HKLM\System\CurrentControlSet\Services\windowstab_mon\Start: 0×00000002
- HKLM\System\CurrentControlSet\Services\windowstab_mon\ErrorControl: 0×00000000
- HKLM\System\CurrentControlSet\Services\windowstab_mon\ImagePath: “%Local Appdata%\windowstab\windowstab_mon.exe”
- HKLM\System\CurrentControlSet\Services\windowstab_mon\DisplayName: “Windows Tab Manager”
- HKLM\System\CurrentControlSet\Services\windowstab_mon\ObjectName: “LocalSystem”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\WINDOWSTAB_UC: “”%Local Appdata%\windowstab\windowstab_uc.exe” /run ”
Folders:- %Local Appdata%\windowstab
Files:- %Local Appdata%\windowstab\windowstab.exe
- %Local Appdata%\windowstab\windowstab_mon.exe
- %Local Appdata%\windowstab\windowstab_uc.exe
- %Local Appdata%\windowstab\windowstab_unins.exe
- %Temp%\windowstab_ins.exe
- %Temp%\windowstab_recom.exe
- %Startup%\windowstab_uc.lnk