update.exe

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘qwupdate’.
MD5:
4469efe6bbb02af97f17ea4f0cc744e3

SHA-1:
deaa34b58f6aef5d703db0376d93e5e95c2c1a66

SHA-256:
5eae6ccb5ee093155fd74d027577432ebc5dd4310a36a9607b6dde468c939e0b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 4:34:33 AM UTC  (today)

File size:
67.5 KB (69,120 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
12/6/2013 5:08:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:q97e0kgWq6o+SkYqWdFQzRMK0yIRoaMcqOlS:GK0kgsjSxvFQzRMK0OaMJOlS

Entry address:
0x8351

Entry point:
E8, 92, 03, 00, 00, E9, 36, FD, FF, FF, 6A, 14, 68, 50, C9, 40, 00, E8, C9, 00, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, D7, 03, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, BF, 00, 00, 00, C2, 10, 00, 6A, 0C, 68, 70, C9, 40, 00, E8, 6B, 00, 00, 00, 83, 65, E4, 00, 8B, 75, 0C, 8B, C6, 0F, AF, 45...
 
[+]

Entropy:
6.3070

Code size:
34.5 KB (35,328 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
qwupdate

Command:
C:\x 17 windows 7\update.exe


The file update.exe has been discovered within the following programs.

WordWeb  by WordWeb Software
WordWeb is an international English dictionary and thesaurus program based on the WordNet database. The program is activated by holding down CTRL and right-clicking on a word in almost any program. This opens the WordWeb main window, with definitions and other help.
wordweb.info
5% remove it
XBMC  by Team XBMC
XBMC is a free and open source media player application developed by the XBMC Foundation, a non-profit technology consortium. XBMC is available for multiple operating-systems and hardware platforms, featuring a 10-foot user interface for use with televisions and remote controls.
xbmc.org
About 9% of users remove it
Xvid Video Codec  by Xvid Team
Xvid is a video codec library following the MPEG-4 standard, specifically MPEG-4 Part 2 Advanced Simple Profile (ASP). It uses ASP features such as b-frames, global and quarter pixel motion compensation, lumi masking, trellis quantization, and H.
www.plymouth.ac.uk
1% remove it
ZGame Toolbar  by Visicom Media inc.
ZGame Toolbar is a Visicom Media (VMN) toolbar that integrates with major web browsers including Google Chrome, Firefox and Internet Explorer.
software.visicommedia.com
86% remove it
 
Powered by Should I Remove It?

Scan update.exe - Powered by Reason Core Security