Is the file SOUND.EXE located on your computer? Then your computer is infected.
We do suggest you should remove SOUND.EXE from your computer as soon as possible.
SOUND.EXE is Trojan/Backdoor.
Kill the process SOUND.EXE and remove SOUND.EXE from the Windows startup.
Malware Analysis of SOUND.EXE
Full path on a computer: %Temp%\1.tmp\sound.exe
Detected by RegRun Warrior:
Item Name: shell
Author: Unknown
Related File: %Temp%\1.tmp\sound.exe
Type: System.ini
Removal Results: Success
Number of reboot: 1
SOUND.EXE is known as:
Trojan.Ransom.Gimemo.autu, Trojan.Agent.RNS, Trojan.LockScreen.apd, Trojan.Gimemo.bcwijl, Trojan-Ransom.Gimemo.autu, Trojan.LockScreen.9OCCmxcQeBc, Trojan.AVKill.26236, TR.Graftor.54861.8, Trojan.Genome.dgt, Troj.Undef.(kcloud), Trojan.Somhoveran.A, Trojan.A.Gimemo.374272.B, Trojan.Gimemo, W32.Trojan.DTOV-7698, a variant of Win32.LockScreen.APD, W32.Gimemo.AUTU.tr
SOUND.EXE hash:
- MD5: 077e5e14934d3b99c92a3c4bd9639d4e
How to quickly detect SOUND.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\System\CurrentControlSet\Services\USBSTOR\Start: 0×00000000
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “%Temp%\1.tmp\sound.exe”
- HKLM\System\CurrentControlSet\Services\Cdrom\Start: 0×00000000
Folders:- %Temp%\1.tmp
Files:- %Temp%\1.tmp\sound.exe