Should I block it?

45%
45% of PCs block this file from running.
Possible reason:
Performance resource utilization

VersionsAdditional versions

4.15.1.4270 3.03%
4.15.1.4270 3.03%
4.14.5.4268 3.03%
4.14.5.4268 3.03%
4.13.6.4253 12.12%
4.13.6.4253 3.03%
4.12.13.4202 9.09%
4.11.10.4138 18.18%
4.11.10.4138 6.06%
4.10.5.4085 9.09%
4.10.5.4085 9.09%
4.9.12.4023 3.03%
4.1.11.0 18.18%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
OpenSCManagerW, RegEnumValueW, GetUserNameW, GetTokenInformation, IsTextUnicode, ConvertSidToStringSidW, ControlService, StartServiceW, OpenProcessToken, RegCreateKeyExW, RegCloseKey, RegSetValueExW, RegDeleteKeyW, RegDeleteValueW, RegOpenKeyExW, RegEnumKeyExW, RegQueryInfoKeyW, RegQueryValueExW, RegNotifyChangeKeyValue, CloseServiceHandle, QueryServiceConfigW, OpenServiceW, EnumServicesStatusW, QueryServiceStatusEx, ChangeServiceConfigW, RegEnumKeyW, RegFlushKey, RegOpenKeyW
comctl32.dll
ImageList_Remove, ImageList_ReplaceIcon, ImageList_Draw, ImageList_Destroy, ImageList_AddMasked, ImageList_Create, InitCommonControlsEx
comdlg32.dll
PrintDlgW
crypt32.dll
CryptDecodeObject, CryptQueryObject, CertGetNameStringW, CryptMsgClose, CertFindCertificateInStore, CertCloseStore, CryptMsgGetParam, CertFreeCertificateContext
dbghelp.dll
MiniDumpWriteDump
gdi32.dll
CreateFontW, OffsetViewportOrgEx, SetStretchBltMode, SetViewportOrgEx, ExtCreatePen, GetObjectW, GetDeviceCaps, MoveToEx, LineTo, GetStockObject, Rectangle, CreateBrushIndirect, TextOutW, GetTextExtentPoint32W, SetTextColor, SetBkMode, ExcludeClipRect, SelectClipRgn, CreateRoundRectRgn, CreateRectRgn, CreateSolidBrush, CreatePen, SetBkColor, ExtTextOutW, RoundRect, StretchBlt, DeleteDC, GetObjectA, CreateCompatibleBitmap, CreateCompatibleDC, SelectObject, BitBlt, DeleteObject, GetDIBits, CombineRgn, CreatePatternBrush, GetTextColor, CreateBitmap, StartDocW, StartPage, SetMapMode, EndPage, EndDoc
gdiplus.dll
GdipGetImageGraphicsContext, GdipAddPathLine, GdipFillPath, GdipCreateBitmapFromHBITMAP, GdipDeleteFontFamily, GdipGetGenericFontFamilySansSerif, GdipCreateFontFamilyFromName, GdipCreateFont, GdipSetTextRenderingHint, GdipSetImageAttributesColorMatrix, GdipDisposeImageAttributes, GdipDrawLine, GdipDrawImageRect, GdipGraphicsClear, GdipSetSmoothingMode, GdipAddPathArc, GdipClosePathFigure, GdipDeletePath, GdipCreatePath, GdipSetPenDashStyle, GdipCreatePen1, GdipSetLineColors, GdipCreateLineBrush, GdipCreateHICONFromBitmap, GdipDrawImageI, GdipDrawImageRectRectI, GdipCloneImage, GdipDisposeImage, GdipCreateBitmapFromStreamICM, GdipCreateBitmapFromStream, GdiplusStartup, GdiplusShutdown, GdipGetImageHeight, GdipGetImageWidth, GdipDrawImagePointRectI, GdipDrawImageRectRect, GdipDrawImageRectI, GdipDrawString, GdipCreateFontFromLogfontA, GdipCreateFontFromDC, GdipDeleteGraphics, GdipCreateFromHDC, GdipSetStringFormatLineAlign, GdipSetStringFormatAlign, GdipCreateStringFormat, GdipCreateSolidFill, GdipDeleteFont, GdipDeleteStringFormat, GdipDeletePen, GdipAlloc, GdipFree, GdipCloneBrush, GdipDeleteBrush, GdipCreateBitmapFromScan0, GdipDrawPath, GdipCreateImageAttributes, GdipSetInterpolationMode, GdipReleaseDC, GdipMeasureString, GdipSetPageUnit
iphlpapi.dll
GetPerAdapterInfo, GetAdaptersInfo, GetAdaptersAddresses
kernel32.dll
DllMain
msimg32.dll
AlphaBlend, TransparentBlt
ole32.dll
OleLockRunning, StringFromGUID2, CLSIDFromString, CLSIDFromProgID, CoGetClassObject, OleInitialize, OleUninitialize, CreateStreamOnHGlobal, CoTaskMemRealloc, CoTaskMemAlloc, CoTaskMemFree, CoCreateInstance, CoUninitialize, CoInitialize
psapi.dll
GetModuleInformation, GetModuleFileNameExW, GetProcessImageFileNameW, EnumProcessModules, GetProcessMemoryInfo
shell32.dll
ShellExecuteW, Shell_NotifyIconW, ShellExecuteExW, SHGetFileInfoW, SHChangeNotify
shlwapi.dll
StrCmpNW, StrToIntW, SHDeleteKeyW, StrCmpIW, PathUnExpandEnvStringsW
user32.dll
InvalidateRgn, ShowWindow, InvalidateRect, IsWindowVisible, SetWindowLongW, CreateWindowExW, GetClassInfoExW, IsCharAlphaNumericW, WaitForInputIdle, SendMessageTimeoutW, EnumDisplaySettingsW, IsCharAlphaNumericA, SetTimer, GetActiveWindow, EnableWindow, SetCursor, GetSystemMenu, GetWindowLongW, FlashWindowEx, wsprintfA, MoveWindow, LoadIconW, SetMenuItemInfoW, GetMenuItemInfoW, SetMenuDefaultItem, SetRect, PtInRect, IsDialogMessageW, SendMessageW, DispatchMessageW, TranslateMessage, PeekMessageW, SetForegroundWindow, RegisterWindowMessageW, MapWindowPoints, GetMonitorInfoW, MonitorFromWindow, GetWindowRect, GetWindow, GetParent, KillTimer, ReleaseCapture, BeginPaint, EndPaint, MessageBeep, GetDesktopWindow, CheckMenuItem, CreatePopupMenu, DestroyMenu, AppendMenuW, EnableMenuItem, CreateDialogParamW, TranslateAcceleratorW, DestroyWindow, SetWindowTextW, DialogBoxParamW, LoadCursorW, LoadStringW, PostQuitMessage, LoadStringA, DefWindowProcW, TrackPopupMenu, GetCursorPos, PostMessageW, IsWindowEnabled, GetWindowDC, ReleaseDC, GetMenuItemCount, IsZoomed, SetWindowRgn, OffsetRect, TrackPopupMenuEx, RemoveMenu, MonitorFromPoint, CallWindowProcW, GetWindowThreadProcessId, wsprintfW, MessageBoxW, RegisterClassW, GetClassInfoW, GetMessageW, InflateRect, FindWindowW, DrawTextW, LoadBitmapW, LoadAcceleratorsW, LoadMenuW, LoadImageW, wvsprintfW, CharNextW, FindWindowExW, EndDialog, BringWindowToTop, SetActiveWindow, GetWindowTextW, RegisterClassExW, SetWindowPos, IsWindow, GetClientRect, UpdateWindow, SetFocus, ScreenToClient, FillRect, GetSystemMetrics, DrawIcon, GetDlgCtrlID, SetRectEmpty, IsRectEmpty, TrackMouseEvent, DrawFocusRect, GetClassLongW, DrawIconEx, AdjustWindowRectEx, SetLayeredWindowAttributes, SystemParametersInfoW, GetScrollInfo, SetScrollPos, ScrollWindowEx, SetScrollInfo, CopyRect, AdjustWindowRect, GetDlgItem, GetDC, ClientToScreen, CreateAcceleratorTableW, GetClassNameW, RedrawWindow, IsChild, GetSysColor, DestroyAcceleratorTable, DestroyIcon, OpenClipboard, EmptyClipboard, CloseClipboard, SetClipboardData, GetFocus, GetWindowTextLengthW, BroadcastSystemMessageW, GetCapture, SetCapture, UnregisterClassA, GetMenu, SetMenu, IsCharAlphaW
version.dll
VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
wininet.dll
InternetCheckConnectionW, InternetSetOptionW
wintrust.dll
WinVerifyTrustEx, CryptCATAdminEnumCatalogFromHash
ws2_32.dll
freeaddrinfo, getaddrinfo

SpyHunter4.exe

SpyHunter4 by Enigma Software Group USA (Signed)

Remove SpyHunter4.exe
Version:   4.11.10.4138
MD5:   c12be8a3cea0f5aad23472ff8755fbae
SHA1:   5c94653f88806ff90ee28740e8da811f2c00b110
SHA256:   64ec097b57b9b04f5ad92a7c9ede40bfcb75c49e19825fb230185abf32f5b36b

What is SpyHunter4.exe?

SpyHunter4 application is part of the Enigma SpyHunter software program. SpyHunter is an antivirus and antispyware program designed to find and remove malware.

About SpyHunter4.exe (from Enigma Software Group USA)

SpyHunter is a powerful, real-time anti-spyware application certified by West Coast Labs’ Checkmark Certification System and designed to assist the average computer user in protecting their PC from ma

DetailsDetails

File name:spyhunter4.exe
Publisher:Enigma Software Group USA, LLC.
Product name:SpyHunter4
Description:SpyHunter4 application
Typical file path:C:\Program Files\enigma software group\spyhunter\spyhunter4.exe
File version:4.11.10.4138
Size:6 MB (6,286,784 bytes)
Certificate
Issued to:Enigma Software Group USA
Authority (CA):VeriSign
Digital DNA
File packed:No
Code language:Microsoft Visual C# / Basic .NET
.NET CLR:Yes
.NET NGENed:No
More details

ResourcesPrograms

The following programs will install this file
SpyHunter
 Enigma Software Group
41% remove
SpyHunter is an antivirus program that also includes its built in 'registry cleaner', Reghunter. It also may be bundled with 3rd party pay per install programs such as InstallIQ.

BehaviorsBehaviors

Scheduled tasks
  • The task 'SpyHunter4Startup' runs on logon in the path '\SpyHunter4Startup'
  • Entry path 'C:\WINDOWS\Tasks\SpyHunter4.job'
  • Entry path 'D:\WINDOWS\Tasks\SpyHunter4.job'
  • Entry path '\SpyHunter4Startup'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\SpyHunter4Startup'
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'SpyHunter Security Suite' → C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Network connections
  • [UDP] listens on port 57969

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.28568351%
    0.028634%
    Kernel CPU:0.14802625%
    0.013761%
    User CPU:0.13765726%
    0.014873%
    Kernel CPU time:3,445 ms/min
    100,923,805ms/min
    Memory
    Private memory:110.37 MB
    21.59 MB
    Private (maximum):110.45 MB
    Private (minimum):21.25 MB
    Non-paged memory:110.37 MB
    21.59 MB
    Virtual memory:243.92 MB
    140.96 MB
    Virtual memory (peak):250.07 MB
    169.69 MB
    Working set:21.28 MB
    18.61 MB
    Working set (peak):116.69 MB
    37.95 MB
    Resource allocations
    Threads:21
    12
    Handles:516
    600
    GUI GDI count:398
    103
    GUI GDI peak:413
    142
    GUI USER count:246
    49
    GUI USER peak:261
    71

    BehaviorsProcess properties

    Tray notification:Yes
    Integrety level:High
    Platform:32-bit
    Command line:"C:\Program Files\enigma software group\spyhunter\spyhunter4.exe" -scan -congrats
    Owner:User

    ResourcesThreads

    Averages
     
    SpyHunter4.exe (main module)
    Total CPU:4.08622103%
    0.272967%
    Kernel CPU:0.24992357%
    0.107585%
    User CPU:3.83629746%
    0.165382%
    CPU cycles:66,580,940/sec
    5,741,424/sec
    Context switches:71/sec
    79/sec
    Memory:6.05 MB
    1.16 MB
    sendori.dll (Sendori.dll by Sendori)
    Total CPU:0.02388757%
    Kernel CPU:0.01592505%
    User CPU:0.00796252%
    CPU cycles:1,123,065/sec
    Context switches:20/sec
    Memory:316 KB
    mshtml.dll (Windows Internet Explorer by Microsoft)
    Total CPU:0.01703858%
    Kernel CPU:0.01276757%
    User CPU:0.00427101%
    CPU cycles:190,323/sec
    Memory:5.71 MB
    ntdll.dll
    Total CPU:0.01437388%
    Kernel CPU:0.01012241%
    User CPU:0.00425147%
    CPU cycles:155,739/sec
    Memory:1.23 MB
    WININET.dll
    Total CPU:0.00832288%
    Kernel CPU:0.00832288%
    User CPU:0.00000000%
    CPU cycles:155,706/sec
    Memory:980 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 36.36%
    Windows 7 Ultimate 36.36%
    Microsoft Windows XP 15.15%
    Windows 7 Ultimate N 9.09%
    Windows Vista Ultimate 3.03%

    Distribution by countryDistribution by country

    United States installs about 45.16% of SpyHunter4.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Dell 50.00%
    Hewlett-Packard 25.00%
    ASUS 12.50%
    GIGABYTE 6.25%
    American Megatrends 6.25%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE