Should I remove “Application.Heur.emLfkO0hc3nO”?

Application.Heur.emLfkO0hc3nO is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Application.Heur.emLfkO0hc3nO virus do?

  • Presents an Authenticode digital signature
  • Unconventional language used in binary resources: Hebrew
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

How to identify Application.Heur.emLfkO0hc3nO?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Copyright © 2010 - 2015 Nir Sofer
InternalName: RouterPassView
FileVersion: 1.61
CompanyName: NirSoft
ProductName: RouterPassView
ProductVersion: 1.61
FileDescription: Decrypts Router files.
OriginalFilename: RouterPassView.exe
Translation: 0x0409 0x04b0

Application.Heur.emLfkO0hc3nO also known as:

K7AntiVirus: Unwanted-Program ( 004bb4941 )
DrWeb: Tool.PassView.1729
CAT-QuickHeal: HackTool.RotPasView.W4
ALYac: Gen:Application.Heur.emLfkO0hc3nO
Cylance: Unsafe
Sangfor: PUP.Win32.Heur.emLfkO0hc3nO
CrowdStrike: win/malicious_confidence_70% (D)
BitDefender: Gen:Application.Heur.emLfkO0hc3nO
Cybereason: malicious.e93dac
ESET-NOD32: a variant of Win32/PSWTool.RouterPassView.B potentially unsafe
APEX: Malicious
Alibaba: RiskWare:Win32/RouterPassView.2218b256
ViRobot: HackTool.Agent.80480
MicroWorld-eScan: Gen:Application.Heur.emLfkO0hc3nO
Ad-Aware: Gen:Application.Heur.emLfkO0hc3nO
Sophos: Generic PUA EB (PUA)
Comodo: ApplicUnwnt@#1v9vwqrxvk4dh
VIPRE: Nirsoft Password Recovery (not malicious)
McAfee-GW-Edition: HTool-PassView
FireEye: Gen:Application.Heur.emLfkO0hc3nO
Emsisoft: Gen:Application.Heur.emLfkO0hc3nO (B)
Jiangmin: PSWTool.PassView.l
Antiy-AVL: Trojan/Generic.ASMalwS.1D43D54
AegisLab: Riskware.Win32.Emlfko.1!c
GData: Gen:Application.Heur.emLfkO0hc3nO
McAfee: HTool-PassView
Malwarebytes: RiskWare.PasswordTool
TrendMicro-HouseCall: HKTL_PASSVIEW
Yandex: Riskware.PSWTool!hK8bxt9rbwE
Fortinet: Riskware/RouterPassView

How to remove Application.Heur.emLfkO0hc3nO?

Application.Heur.emLfkO0hc3nO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
