Is the file ADOBEFLASHUPDATOR.EXE located on your computer? Then your computer is infected.
We do suggest you should remove ADOBEFLASHUPDATOR.EXE from your computer as soon as possible.
ADOBEFLASHUPDATOR.EXE is Trojan/Backdoor.
Kill the process ADOBEFLASHUPDATOR.EXE and remove ADOBEFLASHUPDATOR.EXE from the Windows startup.
Malware Analysis of ADOBEFLASHUPDATOR.EXE
Full path on a computer: %Temp%\adobeflashupdator.exe
Detected by UnHackMe:
ADOBEFLASHUPDATOR.EXE
Default location: %Temp%\adobeflashupdator.exe
Removal Results: Success
Number of reboot: 1
ADOBEFLASHUPDATOR.EXE is known as:
Trojan.Agent, Trojan ( 0015967a1 ), Trojan.Agent.qcd, Trojan.Graftor.FOzYFcmDl4E, DLOADER.Trojan, TR.Graftor.124082.1, Dropper.Agent, Win32.Agent.QCD, W32.Agent.QCD, Trojan.Agent.QCD
ADOBEFLASHUPDATOR.EXE hash:
- MD5: db80c64feedadd308521f1d0517a5f0f
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect ADOBEFLASHUPDATOR.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: “rundll32.exe %SysDir%\advpack.dll,DelNodeRunDLL32 “%Temp%\IXP000.TMP\”"
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\itunesupdator.exe: “%Temp%\adobeflashupdator.exe”
Folders:- %Local Appdata%\Adobe
- %Local Appdata%\Adobe\AIH.b8603559ef0fe5a56b1a81e3ebfbd0a7532e39ff
- %Temp%\1024
- %Temp%\IXP000.TMP
Files:- %Appdata%\Microsoft\CryptnetUrlCache\Content\398EE64D66758B5715368AA94044B13A
- %Appdata%\Microsoft\CryptnetUrlCache\MetaData\398EE64D66758B5715368AA94044B13A
- %Local Appdata%\Adobe\AIH.b8603559ef0fe5a56b1a81e3ebfbd0a7532e39ff\downloader.bundle
- %Local Appdata%\Adobe\AIH.b8603559ef0fe5a56b1a81e3ebfbd0a7532e39ff\downloader.dll
- %Local Appdata%\Adobe\AIH.b8603559ef0fe5a56b1a81e3ebfbd0a7532e39ff\launcher.bundle
- %Local Appdata%\Adobe\AIH.b8603559ef0fe5a56b1a81e3ebfbd0a7532e39ff\launcher.dll
- %Temp%\adobeflashupdator.exe
- %Temp%\INSTAL~1.exe
- %Temp%\IXP000.TMP\ADOBEF~1.EXE