We received the file WEATHERALERTS.EXE and detected that WEATHERALERTS.EXE is not good.
WEATHERALERTS.EXE is Adware. You should remove the file WEATHERALERTS.EXE.
Kill the process WEATHERALERTS.EXE and remove WEATHERALERTS.EXE from Windows.
Malware Analysis of WEATHERALERTS.EXE
Full path on a computer: %Local Appdata%\WeatherAlerts\WeatherAlerts.exe
Detected by UnHackMe:
WEATHERALERTS.EXE
Default location: %Local Appdata%\WeatherAlerts\WeatherAlerts.exe
Removal Results: Success
Number of reboot: 1
WEATHERALERTS.EXE is known as:
Adware.Blinkx.SevereWeatherAlerts (fs)
WEATHERALERTS.EXE hash:
- MD5: 91ec0bd8f97b27339e7ea54409ca8942
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect WEATHERALERTS.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect\DisplayName: “Search Protect”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect\UninstallString: “”C:\PROGRA~1\SearchProtect\Main\bin\uninstall.exe” /S”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage\DisplayName: “VO Package”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage\UninstallString: “”%Appdata%\VOPackage\uninstall.exe”"
- HKLM\System\CurrentControlSet\Services\CltMngSvc\ImagePath: “C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe”
- HKLM\System\CurrentControlSet\Services\CltMngSvc\DisplayName: “Search Protect by Conduit Service”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopWeatherAlerts\DisplayName: “DesktopWeatherAlerts”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopWeatherAlerts\UninstallString: “%Local Appdata%\WeatherAlerts\DesktopWeatherAlertsuninstall.exe”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll”
Folders:- %Appdata%\VOPackage
- %Local Appdata%\Local_Weather_LLC
- %Local Appdata%\SearchProtect
- %Local Appdata%\WeatherAlerts
- %Programs%\VOPackage
- %Programs%\Weather Alerts
- %Program Files%\SearchProtect
Files:- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsApp.exe
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsApp.exe.config
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsApp0.dat
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsBrowser.exe
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsBrowser.exe.config
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsK.dat.U.dat
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsU.dat
- %Local Appdata%\WeatherAlerts\DesktopWeatherAlertsuninstall.exe
- %Local Appdata%\WeatherAlerts\ICSharpCode.SharpZipLib.dll
- %Local Appdata%\WeatherAlerts\mod.DesktopWeatherAlertsApp0.dat
- %Local Appdata%\WeatherAlerts\uninstall.exe
- %Local Appdata%\WeatherAlerts\WAUpdater.exe
- %Local Appdata%\WeatherAlerts\WAUpdater.exe.config
- %Local Appdata%\WeatherAlerts\WeatherAlerts.exe
- %Local Appdata%\WeatherAlerts\WeatherAlerts.exe.config
- %Startup%\DesktopWeatherAlerts.lnk
- %Startup%\Weather Alerts.lnk