We checked the file ETHAPI.DLL and found it hazardous.
The file ETHAPI.DLL must be deleted from the system immediately.
Kill the process ETHAPI.DLL and remove ETHAPI.DLL from Windows startup.
Malware Analysis of ETHAPI.DLL
Full path on a computer: %Appdata%\ethapi.dll
Detected by UnHackMe:
Item Name: ethapi
Author: Syntek Corporation
Related File: %APPDATA%\ETHAPI.DLL
Type: Registry Run
Removal Results: Success
Number of reboots: 1
ETHAPI.DLL is known as:
Trojan.Medfos, Medfos.BO, Packed.Krap.iu, Trojan.DownLoader8.3163, TR.Symmi.10244.4, Mal.Medfos-M, BScope.Malware-Cryptor.Vals.22, a variant of Win32.Medfos.JJ, W32.Clicker.LOL.tr
ETHAPI.DLL hash:
- MD5: a89d3b617a635e4386c97b72d5da791e
The file tries to download information from some web sites.
How to quickly detect the presence of ETHAPI.DLL?
Registry:
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ethapi: "rundll32.exe "%Appdata%\ethapi.dll",AAuxClose"
Files:
- %Appdata%\ethapi.dll