UPD.EXE - Dangerous
%PROGRAM FILES%\YAFINDER\UPD.EXE
Manual removal instructions:
Antivirus Report of %PROGRAM FILES%\YAFINDER\UPD.EXE:
%program files%\yafinder\upd.exe
We suggest you to remove UPD.EXE from your computer as soon as possible.
UPD.EXE is known as: Worm.Gamarue.87042, W32.Trojan.NLSP-6507, TScope.Trojan.MSIL, a variant of MSIL.TrojanDownloader.Adload.AA, Trojan.Msil, W32.Agent.CDVS.tr.
MD5 of UPD.EXE = f61d1303c6bdb197c89bf800d1443e21
UPD.EXE size is 8704 bytes.
Full path on a computer: %PROGRAM FILES%\YAFINDER\UPD.EXE
Related Files:
%Appdata%\Mozilla Firefox.lnk
%Local Appdata%\Temp\htm\css\images\animated-overlay.gif
%Local Appdata%\Temp\htm\css\images\ui-bg_diagonals-thick_18_b81900_40x40.png
%Local Appdata%\Temp\htm\css\images\ui-bg_diagonals-thick_20_666666_40x40.png
%Local Appdata%\Temp\htm\css\images\ui-bg_flat_10_000000_40x100.png
%Local Appdata%\Temp\htm\css\images\ui-bg_glass_100_f6f6f6_1x400.png
%Local Appdata%\Temp\htm\css\images\ui-bg_glass_100_fdf5ce_1x400.png
%Local Appdata%\Temp\htm\css\images\ui-bg_glass_65_ffffff_1x400.png
%Local Appdata%\Temp\htm\css\images\ui-bg_gloss-wave_35_f6a828_500x100.png
%Local Appdata%\Temp\htm\css\images\ui-bg_highlight-soft_100_eeeeee_1x100.png
%Local Appdata%\Temp\htm\css\images\ui-bg_highlight-soft_75_ffe45c_1x100.png
%Local Appdata%\Temp\htm\css\images\ui-icons_222222_256x240.png
%Local Appdata%\Temp\htm\css\images\ui-icons_228ef1_256x240.png
%Local Appdata%\Temp\htm\css\images\ui-icons_ef8c08_256x240.png
%Local Appdata%\Temp\htm\css\images\ui-icons_ffd27a_256x240.png
%Local Appdata%\Temp\htm\css\images\ui-icons_ffffff_256x240.png
%Local Appdata%\Temp\htm\css\jquery-ui-1.10.0.custom.css
%Local Appdata%\Temp\htm\css\jquery-ui-1.10.0.custom.min.css
%Local Appdata%\Temp\htm\getactivation.jpg
%Local Appdata%\Temp\htm\nachat-ustanovku.jpg
%Local Appdata%\Temp\htm\obratno.jpg
%Local Appdata%\Temp\htm\open.php
%Local Appdata%\Temp\htm\orange-four.jpg
%Local Appdata%\Temp\htm\orange-one.jpg
%Local Appdata%\Temp\htm\orange-three.jpg
%Local Appdata%\Temp\htm\orange-two.jpg
%Local Appdata%\Temp\htm\otmena.jpg
%Local Appdata%\Temp\htm\page.html
%Local Appdata%\Temp\htm\page2.html
%Local Appdata%\Temp\htm\page3.html
%Local Appdata%\Temp\htm\page4.html
%Local Appdata%\Temp\htm\prodoljaem.jpg
%Local Appdata%\Temp\htm\text.html
%Startmenu%\Mozilla Firefox.lnk
%Common Appdata%\Mozilla\ruirtbi.dll
%Common Appdata%\Mozilla\zpvckrd.exe
%Common Startmenu%\Mozilla Firefox.lnk
%Program Files%\La\Xo\bashni_kiaa.vbs
%Program Files%\La\Xo\polovinkaostankinskoi.vbs
%Program Files%\La\Xo\trizvonkaiodnatete.bat
%Program Files%\La\Xo\veseli_praz.nik
%Program Files%\La\Xo\zakrivaya.glaza
%Program Files%\SubwaySurfers\4konya.exe
%Program Files%\SubwaySurfers\Interop.IWshRuntimeLibrary.dll
%Program Files%\SubwaySurfers\mac.exe
%Program Files%\SubwaySurfers\runme.exe
%Program Files%\SubwaySurfers\SubwaySurfers.exe
%Program Files%\YaFinder\injected.js
%Program Files%\YaFinder\Interop.IWshRuntimeLibrary.dll
%Program Files%\YaFinder\jquery.js
%Program Files%\YaFinder\main.js
%Program Files%\YaFinder\manifest.json
%Program Files%\YaFinder\upd.exe
%SysDir%\drivers\etc\hists
%WinDir%\Tasks\mnashbk.job
%PROGRAM FILES%\YAFINDER\UPD.EXE | Worm.Gamarue.87042, W32.Trojan.NLSP-6507, TScope.Trojan.MSIL, a variant of MSIL.TrojanDownloader.Adload.AA, Trojan.Msil, W32.Agent.CDVS.tr. |
%PROGRAM FILES%\YAFINDER\UPD.EXE | Dangerous |
%PROGRAM FILES%\YAFINDER\UPD.EXE | High Risk |
UPD.EXE is known as: Worm.Gamarue.87042, W32.Trojan.NLSP-6507, TScope.Trojan.MSIL, a variant of MSIL.TrojanDownloader.Adload.AA, Trojan.Msil, W32.Agent.CDVS.tr.
MD5 of UPD.EXE = f61d1303c6bdb197c89bf800d1443e21
UPD.EXE size is 8704 bytes.
Full path on a computer: %PROGRAM FILES%\YAFINDER\UPD.EXE
Related Files:
%Appdata%\Mozilla Firefox.lnk
%Local Appdata%\Temp\htm\css\images\animated-overlay.gif
%Local Appdata%\Temp\htm\css\images\ui-bg_diagonals-thick_18_b81900_40x40.png
%Local Appdata%\Temp\htm\css\images\ui-bg_diagonals-thick_20_666666_40x40.png
%Local Appdata%\Temp\htm\css\images\ui-bg_flat_10_000000_40x100.png
%Local Appdata%\Temp\htm\css\images\ui-bg_glass_100_f6f6f6_1x400.png
%Local Appdata%\Temp\htm\css\images\ui-bg_glass_100_fdf5ce_1x400.png
%Local Appdata%\Temp\htm\css\images\ui-bg_glass_65_ffffff_1x400.png
%Local Appdata%\Temp\htm\css\images\ui-bg_gloss-wave_35_f6a828_500x100.png
%Local Appdata%\Temp\htm\css\images\ui-bg_highlight-soft_100_eeeeee_1x100.png
%Local Appdata%\Temp\htm\css\images\ui-bg_highlight-soft_75_ffe45c_1x100.png
%Local Appdata%\Temp\htm\css\images\ui-icons_222222_256x240.png
%Local Appdata%\Temp\htm\css\images\ui-icons_228ef1_256x240.png
%Local Appdata%\Temp\htm\css\images\ui-icons_ef8c08_256x240.png
%Local Appdata%\Temp\htm\css\images\ui-icons_ffd27a_256x240.png
%Local Appdata%\Temp\htm\css\images\ui-icons_ffffff_256x240.png
%Local Appdata%\Temp\htm\css\jquery-ui-1.10.0.custom.css
%Local Appdata%\Temp\htm\css\jquery-ui-1.10.0.custom.min.css
%Local Appdata%\Temp\htm\getactivation.jpg
%Local Appdata%\Temp\htm\nachat-ustanovku.jpg
%Local Appdata%\Temp\htm\obratno.jpg
%Local Appdata%\Temp\htm\open.php
%Local Appdata%\Temp\htm\orange-four.jpg
%Local Appdata%\Temp\htm\orange-one.jpg
%Local Appdata%\Temp\htm\orange-three.jpg
%Local Appdata%\Temp\htm\orange-two.jpg
%Local Appdata%\Temp\htm\otmena.jpg
%Local Appdata%\Temp\htm\page.html
%Local Appdata%\Temp\htm\page2.html
%Local Appdata%\Temp\htm\page3.html
%Local Appdata%\Temp\htm\page4.html
%Local Appdata%\Temp\htm\prodoljaem.jpg
%Local Appdata%\Temp\htm\text.html
%Startmenu%\Mozilla Firefox.lnk
%Common Appdata%\Mozilla\ruirtbi.dll
%Common Appdata%\Mozilla\zpvckrd.exe
%Common Startmenu%\Mozilla Firefox.lnk
%Program Files%\La\Xo\bashni_kiaa.vbs
%Program Files%\La\Xo\polovinkaostankinskoi.vbs
%Program Files%\La\Xo\trizvonkaiodnatete.bat
%Program Files%\La\Xo\veseli_praz.nik
%Program Files%\La\Xo\zakrivaya.glaza
%Program Files%\SubwaySurfers\4konya.exe
%Program Files%\SubwaySurfers\Interop.IWshRuntimeLibrary.dll
%Program Files%\SubwaySurfers\mac.exe
%Program Files%\SubwaySurfers\runme.exe
%Program Files%\SubwaySurfers\SubwaySurfers.exe
%Program Files%\YaFinder\injected.js
%Program Files%\YaFinder\Interop.IWshRuntimeLibrary.dll
%Program Files%\YaFinder\jquery.js
%Program Files%\YaFinder\main.js
%Program Files%\YaFinder\manifest.json
%Program Files%\YaFinder\upd.exe
%SysDir%\drivers\etc\hists
%WinDir%\Tasks\mnashbk.job
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.