WINUPDATE.EXE – Trojan Downloader

I recommend UnHackMe - Ultimate Malware Killer for fast malware removal.


WINUPDATE.EXE – Trojan Downloader removal

| File | MD5 | Virus Alias |
|---|---|---|
| WINUPDATE.EXE | 7a7cc467625fbc1ebd643712e4e5993f | Trojan Downloader |
| WINUPDATE.EXE | 7a7cc467625fbc1ebd643712e4e5993f | Trojan SuspiciousFile |
| WINUPDATE.EXE | 7a7cc467625fbc1ebd643712e4e5993f | Trojan Agent |

WINUPDATE.EXE size: 32256 bytes
WINUPDATE.EXE hash: 7A7CC467625FBC1EBD643712E4E5993F

Created files:

%Local AppData%\Google\Update\gupdate.exe
%Local AppData%\Microsoft\Windows\winupdate.exe
%Local AppData%\NVIDIA Corporation\Update\daemonupd.exe

Autostart registry keys:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\NvUpdService: %WinDir%\System32\config\Systemprofile\Local Settings\Application Data\NVIDIA Corporation\Update\daemonupd.exe /app D778BDE190E5214436FC2D9720C33B96
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Google Update: %WinDir%\System32\config\Systemprofile\Local Settings\Application Data\Google\Update\gupdate.exe /app D778BDE190E5214436FC2D9720C33B96

Detected by UnHackMe:

WINUPDATE.EXE
Default location: %LOCAL APPDATA%\MICROSOFT\WINDOWS\WINUPDATE.EXE

Dropper information:
MD5: 48c4e633209130eeaac048d59994c345
File size: 36589 bytes
