WINDOWSUPDATER.EXE - Dangerous
WINDOWSUPDATER.EXE
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
WINDOWSUPDATER.EXE is known as: Trojan-PSW.Win32.Autoit.g [Kaspersky Lab] Mal/Generic-L [Sophos] Trojan:Win32/Dynamer!dtc [Microsoft] Trojan-PWS.Win32.Autoit [Ikarus] packed with UPX [Kaspersky Lab].
MD5 of WINDOWSUPDATER.EXE = EEC91D43720D26927BD0AEB2C2DD1D15
WINDOWSUPDATER.EXE size is 354815 bytes.
Full path on a computer: %WINDIR%\SYSTEM\WINDOWSUPDATER.EXE
Related Files:
%TEMP%\PROGRAMA.EXE
%WINDIR%\SYSTEM\ADMDLL.DLL
%WINDIR%\SYSTEM\ASS\192.168.2.128\07.04.2011?. ? 03?.52???.43???..DAT
%WINDIR%\SYSTEM\ASS\192.168.2.128\07.04.2011?. ? 03?.53???.57???..DAT
%WINDIR%\SYSTEM\ASS\192.168.2.128\IE\INDEX.DAT
%WINDIR%\SYSTEM\ASS\192.168.2.128\IE\%USERNAME%@NAROD[1].TXT
%WINDIR%\SYSTEM\ASS\192.168.2.128\IMAGE.JPG
%WINDIR%\SYSTEM\ASS\192.168.2.128\INSTALLPROG.DAT
%WINDIR%\SYSTEM\ASS\192.168.2.128\IPCONFIG.DAT
%WINDIR%\SYSTEM\ASS\192.168.2.128\PROCESS.DAT
%WINDIR%\SYSTEM\BACKUP.EXE
%WINDIR%\SYSTEM\FILE\FILE.EXE
%WINDIR%\SYSTEM\INFO.EXE
%WINDIR%\SYSTEM\RADDRV.DLL
%WINDIR%\SYSTEM\SCRSS.EXE
%WINDIR%\SYSTEM\VISEDLL.DLL
%WINDIR%\SYSTEM\WINDOWSUPDATER.EXE
%WINDIR%\SYSTEM\WINUPDATE.INI
%WINDIR%\SYSTEM\WMIASPVR.EXE
%WINDIR%\SYSTEM\WMIRPVSE.EXE
%SYSTEM%\GTAL.EXE