slowin killer.exe

The executable slowin killer.exe has been detected as malware by 15 anti-virus scanners. This is a setup program which is used to install the application. It is set to execute automatically when any user logs into Windows (through the local user run registry setting) under the name ‘SlowinKiller’. This file is typically installed with the program Slowin' Killer by Security-HelpZone. The file has been seen downloaded from www.security-helpzone.com and multiple other hosts.
Description:
Slowin' Killer

Version:
2.0.4.0

MD5:
5cabd8fd668fcc70cd25979607d494c2

SHA-1:
98d8670667b68c06cf2c399e669ae7020ed136cc

SHA-256:
f7264c46b1fbd6fb953dabccfd28245917e0eb2e155046807357e8d11af808e8

Scanner detections:
15 / 68

Status:
Malware

Analysis date:
4/25/2024 8:26:38 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.Generic.11172628 | 1004
avast! | Win32:Rootkit-gen [Rtk] | 2014.9-140507
Bitdefender | Trojan.Generic.11172628 | 1.0.20.635
Emsisoft Anti-Malware | Trojan.Generic.11172628 | 8.14.05.07.10
F-Secure | Trojan.Generic.11172628 | 11.2014-07-05_4
G Data | Trojan.Generic.11172628 | 14.5.24
IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.6.1.0
K7 AntiVirus | Riskware | 13.177.11965
McAfee | Artemis!5CABD8FD668F | 5600.7138
MicroWorld eScan | Trojan.Generic.11172628 | 15.0.0.381
Norman | Suspicious_Gen2.VWEUX | 11.20140507
nProtect | Trojan.Generic.11172628 | 14.05.04.01
Panda Antivirus | Trj/CI.A | 14.05.07.10
Qihoo 360 Security | HEUR/Malware.QVM10.Gen | 1.0.0.1015
VIPRE Antivirus | Trojan.Win32.Generic | 28846

File size:
1.1 MB (1,118,266 bytes)

Copyright:
Security-HelpZone

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\Program Files\slowin killer\slowin killer.exe

File PE Metadata
Compilation timestamp:
1/29/2012 10:32:28 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:eRmJkcoQricOIQxiZY1iax5ASmCNyf80jB7L:LJZoQrbTFZY1iaxaCO80jR

Entry address:
0x165C1

Entry point:
E8, 16, 90, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A0, 01, 00, 00, 81, F9, 80, 00, 00, 00, 72, 1C, 83, 3D, 24, 97, 4A, 00, 00, 74, 13, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 05, E9, DD, 03, 00, 00, F7, C7, 03, 00, 00, 00, 75, 14, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 29, F3, A5, FF, 24, 95, 40, 67, 41, 00, 8B, C7, BA, 03, 00, 00, 00, 83, E9, 04, 72, 0C, 83, E0, 03, 03, C8...
 

Code size:
514 KB (526,336 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SlowinKiller

Command:
C:\Program Files\slowin killer\slowin killer.exe --startup


The file slowin killer.exe has been discovered within the following program.

Slowin' Killer  by Security-HelpZone
About 3% of users remove it
 

The file slowin killer.exe has been seen being distributed by the following 2 URLs.
