WINUPDATE86.EXE – Trojan Vilsel

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

WINUPDATE86.EXE – Trojan Vilsel removal

FileMD5Virus Alias
WINUPDATE86.EXE 04aba42641e2f9209722e8c54e6d7bf3 Trojan Vilsel
WINUPDATE86.EXE 04aba42641e2f9209722e8c54e6d7bf3 Trojan XPACK
WINUPDATE86.EXE 04aba42641e2f9209722e8c54e6d7bf3 Trojan Eldorado
WINUPDATE86.EXE 04aba42641e2f9209722e8c54e6d7bf3 Trojan Downloader
WINUPDATE86.EXE 04aba42641e2f9209722e8c54e6d7bf3 Trojan Agent
WINUPDATE86.EXE 04aba42641e2f9209722e8c54e6d7bf3 Trojan FakeAV

WINUPDATE86.EXE size: 51200 bytes
WINUPDATE86.EXE hash: 04ABA42641E2F9209722E8C54E6D7BF3

Created files:

%AppData%\Microsoft\Internet Explorer\Desktop.htt
%SysDir%\winhelper86.dll
%SysDir%\winlogon86.exe
%SysDir%\winupdate86.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\winupdate86.exe: %WinDir%\System32\winupdate86.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\winlogon86.exe

Detected by UnHackMe:

WINUPDATE86.EXE
Default location: %SYSDIR%\WINUPDATE86.EXE

Dropper information:
MD5: 04aba42641e2f9209722e8c54e6d7bf3
File size: 51200 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images