Remove WINDTOP.EXE malware
WINDTOP.EXE Malware Removal Guide
Manual removal instructions:
Antivirus Report of WINDTOP.EXE:
windtop.exe
Full path on a computer: %APPDATA%\WINDTOP.EXE
Autostart registry keys:
HKLM\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{FEBDDCAF-AADE-3BFC-C8CD-9DFFF1E5BBD6}\STUBPATH: "%APPDATA%\WINDTOP.EXE"
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN\DESKTOP: "%APPDATA%\WINDTOP.EXE"
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\DESKTOP: "%APPDATA%\WINDTOP.EXE"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\AUTHORIZEDAPPLICATIONS\LIST\%APPDATA%\WINDTOP.EXE: "%APPDATA%\WINDTOP.EXE:*:ENABLED:WINDOWS MESSANGER"
HKCU\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{FEBDDCAF-AADE-3BFC-C8CD-9DFFF1E5BBD6}\STUBPATH: "%APPDATA%\WINDTOP.EXE"
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\DESKTOP: "%APPDATA%\WINDTOP.EXE"
Related Files:
%APPDATA%\DATA.DAT
%APPDATA%\WINDTOP.EXE
The file WINDTOP.EXE is identified as a virus dropper.
The dropper WINDTOP.EXE is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
The file WINDTOP.EXE loads into the computer memory and tries to connect to the dangerous web site.
Usually the WINDTOP.EXE dropper does not infect the files on the computer and does not replicate itself on other computers.
Kill the WINDTOP.EXE process and delete the file WINDTOP.EXE.
WINDTOP.EXE is related to: TR/Dropper.Gen, WINDTOP.EXE.
Virustotal = 39/51
MD5 = D6246A40858DCD837F4EF24F9D8F0BC2
File Size: 481792
File information:
OriginalFilename: windtop.exe
FileDescription: Windows Desktop
InternalName: WindowsDesktop
FileVersion: 1,0,0,0
LegalCopyright: Microsoft 2011
| WINDTOP.EXE | Malware |
| WINDTOP.EXE | Dangerous |
| WINDTOP.EXE | High Risk |
Autostart registry keys:
HKLM\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{FEBDDCAF-AADE-3BFC-C8CD-9DFFF1E5BBD6}\STUBPATH: "%APPDATA%\WINDTOP.EXE"
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN\DESKTOP: "%APPDATA%\WINDTOP.EXE"
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\DESKTOP: "%APPDATA%\WINDTOP.EXE"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\AUTHORIZEDAPPLICATIONS\LIST\%APPDATA%\WINDTOP.EXE: "%APPDATA%\WINDTOP.EXE:*:ENABLED:WINDOWS MESSANGER"
HKCU\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{FEBDDCAF-AADE-3BFC-C8CD-9DFFF1E5BBD6}\STUBPATH: "%APPDATA%\WINDTOP.EXE"
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\DESKTOP: "%APPDATA%\WINDTOP.EXE"
Related Files:
%APPDATA%\DATA.DAT
%APPDATA%\WINDTOP.EXE
The file WINDTOP.EXE is identified as a virus dropper.
The dropper WINDTOP.EXE is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
The file WINDTOP.EXE loads into the computer memory and tries to connect to the dangerous web site.
Usually the WINDTOP.EXE dropper does not infect the files on the computer and does not replicate itself on other computers.
Kill the WINDTOP.EXE process and delete the file WINDTOP.EXE.
WINDTOP.EXE is related to: TR/Dropper.Gen, WINDTOP.EXE.
Virustotal = 39/51
MD5 = D6246A40858DCD837F4EF24F9D8F0BC2
File Size: 481792
File information:
OriginalFilename: windtop.exe
FileDescription: Windows Desktop
InternalName: WindowsDesktop
FileVersion: 1,0,0,0
LegalCopyright: Microsoft 2011
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.