Should I block it?

45%

45% of PCs block this file from running.

Possible reason:

Performance resource utilization

Additional versions

4.15.1.4270	3.03%
4.15.1.4270	3.03%
4.14.5.4268	3.03%
4.14.5.4268	3.03%
4.13.6.4253	12.12%
4.13.6.4253	3.03%
4.12.13.4202	9.09%
4.11.10.4138	18.18%
4.11.10.4138	6.06%
4.10.5.4085	9.09%
4.10.5.4085	9.09%
4.9.12.4023	3.03%
4.1.11.0	18.18%

Relationships

PE file structure

Show functions

Import table

advapi32.dll

OpenSCManagerW, RegEnumValueW, GetUserNameW, GetTokenInformation, IsTextUnicode, ConvertSidToStringSidW, ControlService, StartServiceW, OpenProcessToken, RegCreateKeyExW, RegCloseKey, RegSetValueExW, RegDeleteKeyW, RegDeleteValueW, RegOpenKeyExW, RegEnumKeyExW, RegQueryInfoKeyW, RegQueryValueExW, RegNotifyChangeKeyValue, CloseServiceHandle, QueryServiceConfigW, OpenServiceW, EnumServicesStatusW, QueryServiceStatusEx, ChangeServiceConfigW, RegEnumKeyW, RegFlushKey, RegOpenKeyW

comctl32.dll

ImageList_Remove, ImageList_ReplaceIcon, ImageList_Draw, ImageList_Destroy, ImageList_AddMasked, ImageList_Create, InitCommonControlsEx

comdlg32.dll

PrintDlgW

crypt32.dll

CryptDecodeObject, CryptQueryObject, CertGetNameStringW, CryptMsgClose, CertFindCertificateInStore, CertCloseStore, CryptMsgGetParam, CertFreeCertificateContext

dbghelp.dll

MiniDumpWriteDump

gdi32.dll

CreateFontW, OffsetViewportOrgEx, SetStretchBltMode, SetViewportOrgEx, ExtCreatePen, GetObjectW, GetDeviceCaps, MoveToEx, LineTo, GetStockObject, Rectangle, CreateBrushIndirect, TextOutW, GetTextExtentPoint32W, SetTextColor, SetBkMode, ExcludeClipRect, SelectClipRgn, CreateRoundRectRgn, CreateRectRgn, CreateSolidBrush, CreatePen, SetBkColor, ExtTextOutW, RoundRect, StretchBlt, DeleteDC, GetObjectA, CreateCompatibleBitmap, CreateCompatibleDC, SelectObject, BitBlt, DeleteObject, GetDIBits, CombineRgn, CreatePatternBrush, GetTextColor, CreateBitmap, StartDocW, StartPage, SetMapMode, EndPage, EndDoc

gdiplus.dll

GdipGetImageGraphicsContext, GdipAddPathLine, GdipFillPath, GdipCreateBitmapFromHBITMAP, GdipDeleteFontFamily, GdipGetGenericFontFamilySansSerif, GdipCreateFontFamilyFromName, GdipCreateFont, GdipSetTextRenderingHint, GdipSetImageAttributesColorMatrix, GdipDisposeImageAttributes, GdipDrawLine, GdipDrawImageRect, GdipGraphicsClear, GdipSetSmoothingMode, GdipAddPathArc, GdipClosePathFigure, GdipDeletePath, GdipCreatePath, GdipSetPenDashStyle, GdipCreatePen1, GdipSetLineColors, GdipCreateLineBrush, GdipCreateHICONFromBitmap, GdipDrawImageI, GdipDrawImageRectRectI, GdipCloneImage, GdipDisposeImage, GdipCreateBitmapFromStreamICM, GdipCreateBitmapFromStream, GdiplusStartup, GdiplusShutdown, GdipGetImageHeight, GdipGetImageWidth, GdipDrawImagePointRectI, GdipDrawImageRectRect, GdipDrawImageRectI, GdipDrawString, GdipCreateFontFromLogfontA, GdipCreateFontFromDC, GdipDeleteGraphics, GdipCreateFromHDC, GdipSetStringFormatLineAlign, GdipSetStringFormatAlign, GdipCreateStringFormat, GdipCreateSolidFill, GdipDeleteFont, GdipDeleteStringFormat, GdipDeletePen, GdipAlloc, GdipFree, GdipCloneBrush, GdipDeleteBrush, GdipCreateBitmapFromScan0, GdipDrawPath, GdipCreateImageAttributes, GdipSetInterpolationMode, GdipReleaseDC, GdipMeasureString, GdipSetPageUnit

iphlpapi.dll

GetPerAdapterInfo, GetAdaptersInfo, GetAdaptersAddresses

kernel32.dll

DllMain

msimg32.dll

AlphaBlend, TransparentBlt

ole32.dll

OleLockRunning, StringFromGUID2, CLSIDFromString, CLSIDFromProgID, CoGetClassObject, OleInitialize, OleUninitialize, CreateStreamOnHGlobal, CoTaskMemRealloc, CoTaskMemAlloc, CoTaskMemFree, CoCreateInstance, CoUninitialize, CoInitialize

psapi.dll

GetModuleInformation, GetModuleFileNameExW, GetProcessImageFileNameW, EnumProcessModules, GetProcessMemoryInfo

shell32.dll

ShellExecuteW, Shell_NotifyIconW, ShellExecuteExW, SHGetFileInfoW, SHChangeNotify

shlwapi.dll

StrCmpNW, StrToIntW, SHDeleteKeyW, StrCmpIW, PathUnExpandEnvStringsW

user32.dll

InvalidateRgn, ShowWindow, InvalidateRect, IsWindowVisible, SetWindowLongW, CreateWindowExW, GetClassInfoExW, IsCharAlphaNumericW, WaitForInputIdle, SendMessageTimeoutW, EnumDisplaySettingsW, IsCharAlphaNumericA, SetTimer, GetActiveWindow, EnableWindow, SetCursor, GetSystemMenu, GetWindowLongW, FlashWindowEx, wsprintfA, MoveWindow, LoadIconW, SetMenuItemInfoW, GetMenuItemInfoW, SetMenuDefaultItem, SetRect, PtInRect, IsDialogMessageW, SendMessageW, DispatchMessageW, TranslateMessage, PeekMessageW, SetForegroundWindow, RegisterWindowMessageW, MapWindowPoints, GetMonitorInfoW, MonitorFromWindow, GetWindowRect, GetWindow, GetParent, KillTimer, ReleaseCapture, BeginPaint, EndPaint, MessageBeep, GetDesktopWindow, CheckMenuItem, CreatePopupMenu, DestroyMenu, AppendMenuW, EnableMenuItem, CreateDialogParamW, TranslateAcceleratorW, DestroyWindow, SetWindowTextW, DialogBoxParamW, LoadCursorW, LoadStringW, PostQuitMessage, LoadStringA, DefWindowProcW, TrackPopupMenu, GetCursorPos, PostMessageW, IsWindowEnabled, GetWindowDC, ReleaseDC, GetMenuItemCount, IsZoomed, SetWindowRgn, OffsetRect, TrackPopupMenuEx, RemoveMenu, MonitorFromPoint, CallWindowProcW, GetWindowThreadProcessId, wsprintfW, MessageBoxW, RegisterClassW, GetClassInfoW, GetMessageW, InflateRect, FindWindowW, DrawTextW, LoadBitmapW, LoadAcceleratorsW, LoadMenuW, LoadImageW, wvsprintfW, CharNextW, FindWindowExW, EndDialog, BringWindowToTop, SetActiveWindow, GetWindowTextW, RegisterClassExW, SetWindowPos, IsWindow, GetClientRect, UpdateWindow, SetFocus, ScreenToClient, FillRect, GetSystemMetrics, DrawIcon, GetDlgCtrlID, SetRectEmpty, IsRectEmpty, TrackMouseEvent, DrawFocusRect, GetClassLongW, DrawIconEx, AdjustWindowRectEx, SetLayeredWindowAttributes, SystemParametersInfoW, GetScrollInfo, SetScrollPos, ScrollWindowEx, SetScrollInfo, CopyRect, AdjustWindowRect, GetDlgItem, GetDC, ClientToScreen, CreateAcceleratorTableW, GetClassNameW, RedrawWindow, IsChild, GetSysColor, DestroyAcceleratorTable, DestroyIcon, OpenClipboard, EmptyClipboard, CloseClipboard, SetClipboardData, GetFocus, GetWindowTextLengthW, BroadcastSystemMessageW, GetCapture, SetCapture, UnregisterClassA, GetMenu, SetMenu, IsCharAlphaW

version.dll

VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW

wininet.dll

InternetCheckConnectionW, InternetSetOptionW

wintrust.dll

WinVerifyTrustEx, CryptCATAdminEnumCatalogFromHash

ws2_32.dll

freeaddrinfo, getaddrinfo

SpyHunter4.exe

SpyHunter4 by Enigma Software Group USA (Signed)

Remove SpyHunter4.exe

Version:	4.9.12.4023
MD5:	a060fcb6aa2f046f52603823997810d4
SHA1:	0ac6091678b8c779a3bae8cdce0923a33457380f
SHA256:	de3d014e16958a427de68b53d2f42ef361bd4381dbca05998c35a9187822ca40

What is SpyHunter4.exe?

SpyHunter4 application is part of the Enigma SpyHunter software program. SpyHunter is an antivirus and antispyware program designed to find and remove malware.

About SpyHunter4.exe (from Enigma Software Group USA)

“SpyHunter is a powerful, real-time anti-spyware application certified by West Coast Labs’ Checkmark Certification System and designed to assist the average computer user in protecting their PC from ma”

Details

File name:	spyhunter4.exe
Publisher:	Enigma Software Group USA, LLC.
Product name:	SpyHunter4
Description:	SpyHunter4 application
Typical file path:	C:\Program Files\enigma software group\spyhunter\spyhunter4.exe
File version:	4.9.12.4023
Size:	5.83 MB (6,110,656 bytes)
Certificate
Issued to:	Enigma Software Group USA
Authority (CA):	VeriSign
Digital DNA
File packed:	No
Code language:	Microsoft Visual C# / Basic .NET
.NET CLR:	Yes
.NET NGENed:	No

More details

Programs

The following program will install this file

SpyHunter

Enigma Software Group

41% remove

SpyHunter is an antivirus program that also includes its built in 'registry cleaner', Reghunter. It also may be bundled with 3rd party pay per install programs such as InstallIQ.

Behaviors

Scheduled tasks

The task 'SpyHunter4Startup' runs on logon in the path '\SpyHunter4Startup'
Entry path 'C:\WINDOWS\Tasks\SpyHunter4.job'
Entry path 'D:\WINDOWS\Tasks\SpyHunter4.job'
Entry path '\SpyHunter4Startup'

Scheduled tasks startups

Set to load on user login (bypasses Windows UAC if enabled)

Startup files (all users) run

Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

'SpyHunter Security Suite' → C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

Network connections

[UDP] listens on port 62762

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.01812151%	0.028634%
Kernel CPU:	0.00752382%	0.013761%
User CPU:	0.01059769%	0.014873%
Kernel CPU time:	8,422 ms/min	100,923,805ms/min
Context switches:	63/sec	284/sec
Memory
Private memory:	187.29 MB	21.59 MB
Private (maximum):	23.39 MB
Private (minimum):	23.39 MB
Non-paged memory:	187.29 MB	21.59 MB
Virtual memory:	379.03 MB	140.96 MB
Virtual memory (peak):	459.09 MB	169.69 MB
Working set:	14.43 MB	18.61 MB
Working set (peak):	236.8 MB	37.95 MB
Resource allocations
Threads:	11	12
Handles:	503	600
GUI GDI count:	400	103
GUI GDI peak:	464	142
GUI USER count:	208	49
GUI USER peak:	237	71

Process properties

Integrety level:	High
Platform:	64-bit
Command line:	"C:\Program Files\enigma software group\spyhunter\spyhunter4.exe" -scan -congrats
Owner:	User

Threads

Averages

SpyHunter4.exe (main module)
Total CPU:	0.07401030%	0.272967%
Kernel CPU:	0.01421330%	0.107585%
User CPU:	0.05979700%	0.165382%
CPU cycles:	4,617,453/sec	5,741,424/sec
Context switches:	20/sec	79/sec
Memory:	5.9 MB	1.16 MB
ntdll.dll
Total CPU:	0.00167121%
Kernel CPU:	0.00167121%
User CPU:	0.00000000%
CPU cycles:	29,786/sec
Context switches:	3/sec
Memory:	1.66 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Distribution by Windows OS

OS version	distribution
Windows 7 Home Premium	36.36%
Windows 7 Ultimate	36.36%
Microsoft Windows XP	15.15%
Windows 7 Ultimate N	9.09%
Windows Vista Ultimate	3.03%

Distribution by country

United States installs about 45.16% of SpyHunter4.

Distribution by PC manufacturer

PC Manufacturer	distribution
Dell	50.00%
Hewlett-Packard	25.00%
ASUS	12.50%
GIGABYTE	6.25%
American Megatrends	6.25%

Remove Adware and Spyware Programs, FREE Download!