PE:Trojan.GoogUpdate!6.205F


PE:Trojan.GoogUpdate!6.205F is also known as Gen:Application.Heur.yv0@mCYe@SpO and PUP/Win32.CrossRider.

Malware Analysis of PE:Trojan.GoogUpdate!6.205F – D83B9DD9-CEDF-410F-B166-ADE1CF51E014-4.EXE

Created files:

%Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\60aee250-a09b-4f12-85fc-76ad45f3883b@gmail.com\skin\skin.css
%Appdata%\Mozilla\Firefox\Profiles\profile.default\extensions\60aee250-a09b-4f12-85fc-76ad45f3883b@gmail.com\skin\update.css
%Program Files%\Br0wsrApVs4.1\d83b9dd9-cedf-410f-b166-ade1cf51e014-4.exe
%Program Files%\Br0wsrApVs4.1\d83b9dd9-cedf-410f-b166-ade1cf51e014-5.exe
%Program Files%\Br0wsrApVs4.1\d83b9dd9-cedf-410f-b166-ade1cf51e014.xpi

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Br0wsrApVs4.1\DisplayName: “Br0wsrApVs4.1”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Br0wsrApVs4.1\UninstallString: “%Program Files%\Br0wsrApVs4.1\Uninstall.exe /fcp=1 ”

Detected by UnHackMe:

D83B9DD9-CEDF-410F-B166-ADE1CF51E014-4.EXE
Default location: %PROGRAM FILES%\BR0WSRAPVS4.1\D83B9DD9-CEDF-410F-B166-ADE1CF51E014-4.EXE

Dropper hash(md5): 588bfc5fb09be29ff90526c16e6b8f4b

Written by Malware Hunter.
