WAJAMUPDATER.EXE is Toolbar Wajam

July 13, 2012 by NightWatcher
Filed under: ToolBar 
: Solved!

You should Download Removal Tool here...

The file WAJAMUPDATER.EXE is not a virus.
But the WAJAMUPDATER.EXE tool may be used to compromise computer security by the hacker.
Use the WAJAMUPDATER.EXE file at your own risk!
You can delete the WAJAMUPDATER.EXE program from your computer with problems.

Malware Analysis of WAJAMUPDATER.EXE
Full path on a computer: %Program Files%\Wajam\Updater\WajamUpdater.exe

Detected by UnHackMe:

WAJAMUPDATER.EXE
Default location: %Program Files%\Wajam\Updater\WajamUpdater.exe

WAJAMUPDATER.EXE is known as:

Toolbar.Wajam

WAJAMUPDATER.EXE hash:

  • MD5: 4aa2cc5979aff984227364f2c23b04f3
The file tries to download information from some web sites.
How to quickly detect WAJAMUPDATER.EXE presence?

Registry:
  • HKLM\Software\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}\InProcServer32\: “%Program Files%\Wajam\IE\priam_bho.dll”
  • HKLM\Software\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}\InprocServer32\: “%Program Files%\Wajam\IE\priam_bho.dll”
  • HKLM\Software\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\InprocServer32\: “%Program Files%\Wajam\IE\priam_bho.dll”
  • HKLM\System\CurrentControlSet\Services\Eventlog\Application\WajamUpdater\EventMessageFile: “%Program Files%\Wajam\Updater\WajamUpdater.exe”
  • HKLM\System\CurrentControlSet\Services\WajamUpdater\ImagePath: “”%Program Files%\Wajam\Updater\WajamUpdater.exe”"
  • HKLM\System\CurrentControlSet\Services\WajamUpdater\DisplayName: “WajamUpdater”
Folders:
  • %Local Appdata%\Wajam
  • %Local Appdata%\Wajam\Chrome
  • %Programs%\Wajam
  • %Program Files%\Wajam
  • %Program Files%\Wajam\Firefox
  • %Program Files%\Wajam\IE
  • %Program Files%\Wajam\Updater
Files:
  • %Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\bookmarkbackups\bookmarks-2012-07-13.json
  • %Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
  • %Local Appdata%\Wajam\Chrome\wajam.crx
  • %Programs%\Wajam\uninstall.lnk
  • %Program Files%\Wajam\Firefox\firefox_trigger_extension.htm
  • %Program Files%\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
  • %Program Files%\Wajam\IE\0
  • %Program Files%\Wajam\IE\favicon.ico
  • %Program Files%\Wajam\IE\priam_bho.dll
  • %Program Files%\Wajam\uninstall.exe
  • %Program Files%\Wajam\Updater\wajamLogo.bmp
  • %Program Files%\Wajam\Updater\WajamUpdater.exe


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.