How to remove eupgrade.exe
- File Details
- Overview
- Analysis
eupgrade.exe
The module eupgrade.exe has been detected as Adware.ELEX
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
92f05755631d0df425e3fe58c2044e20 |
| Size: |
1 MB |
| First Published: |
2017-05-28 04:14:08 (7 years ago) |
| Latest Published: |
2023-07-26 23:52:53 (2 years ago) |
| Status: |
Adware.ELEX (on last analysis) |
|
| Analysis Date: |
2023-07-26 23:52:53 (2 years ago) |
Overview
| Signed By: |
Chencheng Cai |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %sysdrive%\docume~1\admini~1\locals~1\temp\ist439.tmp\tools\wzp\eupgrade |
| %temp%\ist8ebc.tmp\tools\wzp\eupgrade |
| %temp%\ist5cda.tmp\tools\wzp |
| %temp%\ist2480.tmp\tools\wzp |
| %temp%\ist71b6.tmp\tools\wzp |
| %sysdrive%\windows.old\users\trang\appdata\roaming\winziper\update\wzp_update_v2.2.74.exe\tools\wzp |
| %sysdrive%\system volume information\systemrestore\frstaging\users\juliand\appdata\local\temp\ist899c.tmp\tools\wzp |
|
28.6% |
|
|
14.3% |
|
|
14.3% |
|
|
14.3% |
|
|
14.3% |
|
|
14.3% |
|
| Windows 7 |
50.0% |
|
| Windows XP |
12.5% |
|
| Windows 8.1 |
12.5% |
|
| Windows 10 |
12.5% |
|
| Windows 8 |
12.5% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000879f3 |
| Name |
Size of data |
MD5 |
| .text |
722432 |
5c266ea73f34b23ae783776b82d0a0d6 |
| .rdata |
239616 |
49c673bdbbf429877ac99be3c0d84279 |
| .data |
24576 |
e8f146100a8c478282d917caa086ec49 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc |
17920 |
e6a0052f86bf297fa1e58b428c0eec14 |
| .reloc |
113152 |
74b318023ab367bfe155b02f02478bd6 |
