plc.exe hacktool

Posted on 2010-01-10
Medium Priority
Last Modified: 2013-11-22
My anti-virus has found a file on my desktop called PLC.exe.  My anti-virus (Panda) is telling me it's a hacktool.  When I try to delete it, it says I do not have the access.  Also, when I try to rename it so that I can delete it, it says the same thing; no access.  What are my different options in getting this file off my computer?  Any assistance will be greatly appreciated.

Location of file - C:\Documents and Settings\HP_Administrator\Desktop\PLC.exe
Question by:lpetrowicz
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 22

Expert Comment

ID: 26279246
Could you upload it to this online scanner and see what results are

Run Malwarebytes and attach logfile after  http://www.malwarebytes.org/mbam-download.php
LVL 47

Expert Comment

ID: 26281714
Use ComboFix, and if it doesn't fix it in its first run, we can remove it on its second run using its script function.

Please download ComboFix by sUBs:
(If it doesn't run, re-download and rename before saving to your desktop)

Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:

Accepted Solution

Texas_Billy earned 1000 total points
ID: 26286814
plc.exe is part of the .NET Framework 2.0.  Not sure what it's doing on your desktop, but there's no known security risk with it's being a hacking tool.

You can't delete it because the framework is protecting it, it's in use.  Boot to safemode and it'll allow you to delete it, but I don't recommend that.  If you're having trouble with it, I'd uninstall .NET framework, all versions, from add/remove programs in control panel, then re-install them.  --TX

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question