The file ATNXWA6.EXE is a computer worm.
The worm ATNXWA6.EXE is a self-replicating malicious program,
which uses a computer network to send copies of itself to other computers.
You must fix the ATNXWA6.EXE problem as soon as possible!
Delete the file ATNXWA6.EXE from all infected computers in your network.
Set up your network firewall against ATNXWA6.EXE intervention.
Malware Analysis of ATNXWA6.EXE
Full path on a computer: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-568146\atnxwa6.exe
Detected by UnHackMe:
ATNXWA6.EXE
Default location: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-568146\atnxwa6.exe
Removal Results: Success
Number of reboot: 1
ATNXWA6.EXE is known as:
Worm.Net-Kolab
ATNXWA6.EXE hash:
- MD5: b2be65eff53b1da8797897c047c13c2b
How to quickly detect ATNXWA6.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-568146\atnxwa6.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\antaw4r6: “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-568146\atnxwa6.exe”
- HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-568146\atnxwa6.exe”
Folders:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-568146
Files:- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-568146\atnxwa6.exe
- C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-568146\Desktop.ini