mtool_new.exe

MApp by MCompany

Remove mtool_new.exe

Version:	1.0.0.0
MD5:	8ad4c9b2e83d2341476ed1bf75abdc9c
SHA1:	5c3e6bcd656854129eb88b7317c4081b4e372fdd
SHA256:	eea589adf71111b20d432e1cc15b331a33269c53daddbbb365fa6d3d1a34325e

Warning 31 antivirus scanners has detected malware.

Overview

mtool_new.exe is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The assembly utilizes the .NET run-time framework (which is required to be installed on the PC). This particular version is usually found on Windows Vista (TM) Home Premium (6.0.6002.131072).

Details

File name:	mtool_new.exe
Publisher:	MCompany
Product name:	MApp
Typical file path:	C:\users\user\appdata\roaming\mcommon\mtool_new.exe
Original name:	MTool.exe
File version:	1.0.0.0
Size:	305.5 KB (312,832 bytes)
Build date:	5/23/2013 4:40 AM
Digital DNA
File packed:	No
Code language:	Microsoft Visual C# / Basic .NET
.NET CLR:	Yes
.NET NGENed:	No

More details

Behaviors

Startup files (user) run

Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

'MTool' → C:\users\user\appdata\Roaming\MCommon\MTool_new.exe

Malware detections

Based on 40+ industry antivirus scanners, 31 of them detected the following malware.

Antivirus engine	Engine version	Detection
avast!	8.0.1489.320	Win32:Malware-gen
AVG	13.0.0.3169	Crypt2.FVQ
Baidu Antivirus	3.5.1.41473	AdWare.MSIL.Agent.gen
BitDefender	7.2	Gen:Heur.MSIL.Krypt.4
Bkav Security	1.3.0.4246	W32.CalionsF.Trojan
CAT Quick Heal	9.13.12.00	TrojanDropper.Livate
Comodo Internet Security	17025	ApplicUnwnt
Emsisoft Anti-Malware	3.0.0.589	Gen:Heur.MSIL.Krypt.4 (B)
Fortinet	5.1.147.0	Riskware/Agent
F-Secure	11.0.19100.45	Gen:Heur.MSIL.Krypt.4
G Data	13.9.22	Gen:Heur.MSIL.Krypt.4
Ikarus	T3.1.5.4.0	Trojan.SuspectCRC
Jiangmin	16.0.100	AdWare/MSIL.wn
K7 AntiVirus	9.172.9720	Adware
K7GW	12.7.0.14	Adware
Kaspersky	9.0.0.837	not-a-virus:HEUR:AdWare.MSIL.Agent.gen
Kingsoft	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	1.75.0.1	Trojan.Dropper
McAfee	5.600.1067	Artemis!8AD4C9B2E83D
McAfee Gateway Anti-Malware	v2013-dat	Artemis!8AD4C9B2E83D
Microsoft Security Essentials	1.9901.0	TrojanDropper:MSIL/Livate.A
eScan by MicroWorld	12.0.250.0	Gen:Heur.MSIL.Krypt.4
nProtect	2013-09-29.02	Trojan-Clicker/W32.Agent.312832.E
Panda Antivirus	10.0.3.5	Generic Malware
PC Tools	9.0.0.2	Trojan.Dropper
Rising Antivirus	24.81.06.04	Trojan.Win32.Generic.14AAAFF2
Sophos	4.93.0	Troj/Mdrop-FJT
Symantec	20131.1.5.61	Trojan.Dropper
Trend Micro	9.740.0.1012	TROJ_SPNR.0BHI13
Trend Micro HouseCall	9.700.0.1001	TROJ_SPNR.0BHI13
VIPRE Antivirus	21958	Trojan.Win32.Generic!BT

Distribution by Windows OS

OS version	distribution
Windows Vista Home Premium	100.00%

Distribution by PC manufacturer

PC Manufacturer	distribution
Sony	100.00%

"Should I Block It?" client app is coming soon

We are still in the final stages of development and will hopefully have our 100% free client app available soon. The app will work in conjunction with your existing anti-virus program to quickly help you block potentially unwanted software from taking control of your PC.

In the meantime, if you would like to run our award winning software, "Should I Remove It?", which is designed to quickly purge your PC from unwanted programs, please download it it here, it's 100% FREE!

Featured on The Kim Komando Show, USA Today, Tom's Guide, CNET, Softonic and many more.

Remove Adware and Spyware Programs, FREE Download!

Should I block it?