Should I block it?
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections
mtool_new.exe
MApp by MCompany
Version: | 1.0.0.0 |
MD5: | 8ad4c9b2e83d2341476ed1bf75abdc9c |
SHA1: | 5c3e6bcd656854129eb88b7317c4081b4e372fdd |
SHA256: | eea589adf71111b20d432e1cc15b331a33269c53daddbbb365fa6d3d1a34325e |
Warning: 31 antivirus scanners have detected malware.
Overview
mtool_new.exe is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The assembly utilizes the .NET run-time framework (which is required to be installed on the PC). This particular version is usually found on Windows Vista (TM) Home Premium (6.0.6002.131072).
Details
File name: | mtool_new.exe |
Publisher: | MCompany |
Product name: | MApp |
Typical file path: | C:\users\user\appdata\roaming\mcommon\mtool_new.exe |
Original name: | MTool.exe |
File version: | 1.0.0.0 |
Size: | 305.5 KB (312,832 bytes) |
Build date: | 5/23/2013 4:40 AM |
Digital DNA |
File packed: | No |
Code language: | Microsoft Visual C# / Basic .NET |
.NET CLR: | Yes |
.NET NGENed: | No |
Behaviors
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'MTool' → C:\users\user\appdata\Roaming\MCommon\MTool_new.exe
Malware detections
Based on 40+ industry antivirus scanners, 31 of them detected the following malware.
Antivirus engine | Engine version | Detection |
avast! | 8.0.1489.320 | Win32:Malware-gen |
AVG | 13.0.0.3169 | Crypt2.FVQ |
Baidu Antivirus | 3.5.1.41473 | AdWare.MSIL.Agent.gen |
BitDefender | 7.2 | Gen:Heur.MSIL.Krypt.4 |
Bkav Security | 1.3.0.4246 | W32.CalionsF.Trojan |
CAT Quick Heal | 9.13.12.00 | TrojanDropper.Livate |
Comodo Internet Security | 17025 | ApplicUnwnt |
Emsisoft Anti-Malware | 3.0.0.589 | Gen:Heur.MSIL.Krypt.4 (B) |
Fortinet | 5.1.147.0 | Riskware/Agent |
F-Secure | 11.0.19100.45 | Gen:Heur.MSIL.Krypt.4 |
G Data | 13.9.22 | Gen:Heur.MSIL.Krypt.4 |
Ikarus | T3.1.5.4.0 | Trojan.SuspectCRC |
Jiangmin | 16.0.100 | AdWare/MSIL.wn |
K7 AntiVirus | 9.172.9720 | Adware |
K7GW | 12.7.0.14 | Adware |
Kaspersky | 9.0.0.837 | not-a-virus:HEUR:AdWare.MSIL.Agent.gen |
Kingsoft | 2013.4.9.267 | Win32.Troj.Generic.a.(kcloud) |
Malwarebytes | 1.75.0.1 | Trojan.Dropper |
McAfee | 5.600.1067 | Artemis!8AD4C9B2E83D |
McAfee Gateway Anti-Malware | v2013-dat | Artemis!8AD4C9B2E83D |
Microsoft Security Essentials | 1.9901.0 | TrojanDropper:MSIL/Livate.A |
eScan by MicroWorld | 12.0.250.0 | Gen:Heur.MSIL.Krypt.4 |
nProtect | 2013-09-29.02 | Trojan-Clicker/W32.Agent.312832.E |
Panda Antivirus | 10.0.3.5 | Generic Malware |
PC Tools | 9.0.0.2 | Trojan.Dropper |
Rising Antivirus | 24.81.06.04 | Trojan.Win32.Generic.14AAAFF2 |
Sophos | 4.93.0 | Troj/Mdrop-FJT |
Symantec | 20131.1.5.61 | Trojan.Dropper |
Trend Micro | 9.740.0.1012 | TROJ_SPNR.0BHI13 |
Trend Micro HouseCall | 9.700.0.1001 | TROJ_SPNR.0BHI13 |
VIPRE Antivirus | 21958 | Trojan.Win32.Generic!BT |
Distribution by Windows OS
OS version | distribution |
Windows Vista Home Premium | 100.00% |
Distribution by PC manufacturer
PC Manufacturer | distribution |
Sony | 100.00% |