I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
OFFICEUPDATE.EXE – Rootkit SpyEye removal
| File | MD5 | Virus Alias |
|---|---|---|
| OFFICEUPDATE.EXE | 1a7c2682cfbf3e95cdb794746744efed | Rootkit SpyEye |
| OFFICEUPDATE.EXE | 1a7c2682cfbf3e95cdb794746744efed | Trojan Artemis |
| OFFICEUPDATE.EXE | 1a7c2682cfbf3e95cdb794746744efed | Trojan CI |
| OFFICEUPDATE.EXE | 1a7c2682cfbf3e95cdb794746744efed | Trojan ZBot |
OFFICEUPDATE.EXE size: 1203009 bytes
OFFICEUPDATE.EXE hash: 1A7C2682CFBF3E95CDB794746744EFED
Created files:
%Program Files Common%\MSOfficeUpdt\OfficeUpdate.exe
%TEMP%\file.exe
%TEMP%\is-JD4KK.tmp\3300.exe
%TEMP%\is-JD4KK.tmp\rog\unins000.exe
Autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Javau: %TEMP%\file.exeC:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\1DFAGX: %Program Files Common%\MSOfficeUpdt\OfficeUpdate.exe
Detected by UnHackMe:
OFFICEUPDATE.EXE
Default location: %PROGRAM FILES COMMON%\MSOFFICEUPDT\OFFICEUPDATE.EXE
Dropper information:
MD5: 5a053e1e149aa349ac24306ab45011c8
File size: 9133285 bytes