We received the file DESKTOPWEATHERALERTSAPP.EXE and determined that it is adware. You should remove it.
Kill the DESKTOPWEATHERALERTSAPP.EXE process and remove the file DESKTOPWEATHERALERTSAPP.EXE from Windows.
Malware Analysis of DESKTOPWEATHERALERTSAPP.EXE
Full path on a computer: %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsApp.exe
Detected by UnHackMe:
DESKTOPWEATHERALERTSAPP.EXE
Default location: %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsApp.exe
Removal Results: Success
Number of reboots: 1
DESKTOPWEATHERALERTSAPP.EXE is known as:
Adware.StrongVault.A, Adware.Blinkx.SevereWeatherAlerts (fs)
DESKTOPWEATHERALERTSAPP.EXE hash:
- MD5: ade1da046f3e3236154f15f23810245c
The file is used to download and install other malware, Trojans, and viruses on commands received from the Command Center.
How to quickly detect the presence of DESKTOPWEATHERALERTSAPP.EXE?
Registry:
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect\DisplayName: "Search Protect"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect\UninstallString: ""C:\PROGRA~1\SearchProtect\Main\bin\uninstall.exe" /S"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage\DisplayName: "VO Package"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage\UninstallString: ""%Appdata%\VOPackage\uninstall.exe""
- HKLM\System\CurrentControlSet\Services\CltMngSvc\ImagePath: "C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe"
- HKLM\System\CurrentControlSet\Services\CltMngSvc\DisplayName: "Search Protect by Conduit Service"
- HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopWeatherAlerts\DisplayName: "DesktopWeatherAlerts"
- HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopWeatherAlerts\UninstallString: "%Local Appdata%\WeatherAlerts\DesktopWeatherAlertsuninstall.exe"
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: "C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll"
Folders:
- %Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\searchplugins
- %Appdata%\VOPackage
- %Local Appdata%\Local_Weather_LLC
- %Local Appdata%\SearchProtect
- %Local Appdata%\WeatherAlerts
- %Programs%\VOPackage
- %Programs%\Weather Alerts
- %Program Files%\SearchProtect
Files:
- %Appdata%\VOPackage\Uninstall.exe
- %Appdata%\VOPackage\VOPackage.exe
- %Local Appdata%\Local_Weather_LLC\WeatherAlerts.exe_Url_psltirhb5t3rmhrc4vlh4uv13vulp4pz\1.4.0.0\user.config
- %Local Appdata%\SearchProtect\SearchProtect\rep\UserRepository.dat
- %Local Appdata%\SearchProtect\SearchProtect\rep\UserSettings.dat
- %Local Appdata%\SearchProtect\UI\rep\UIRepository.dat
- %Local Appdata%\WeatherAlerts\0501203642\3743.0.tmp
- %Local Appdata%\WeatherAlerts\0501203642\3743.1.tmp
- %Local Appdata%\WeatherAlerts\0501203642\3743.2.tmp
- %Local Appdata%\WeatherAlerts\0501203642\3743.3.tmp
- %Local Appdata%\WeatherAlerts\0501203642\3743.4.tmp
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsApp.exe
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsApp.exe.config
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsApp0.dat
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsBrowser.exe
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsBrowser.exe.config
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsK.dat.U.dat
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsU.dat
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsuninstall.exe
- %Local Appdata%\WeatherAlerts\ICSharpCode.SharpZipLib.dll
- %Local Appdata%\WeatherAlerts\mod.DesktopWeatherAlertsApp0.dat
- %Local Appdata%\WeatherAlerts\uninstall.exe
- %Local Appdata%\WeatherAlerts\WAUpdater.exe
- %Local Appdata%\WeatherAlerts\WAUpdater.exe.config
- %Local Appdata%\WeatherAlerts\WeatherAlerts.exe
- %Local Appdata%\WeatherAlerts\WeatherAlerts.exe.config
- %Startup%\DesktopWeatherAlerts.lnk
- %Startup%\Weather Alerts.lnk