We received the file UPDATELUCKYLEAP.EXE and determined that it is not good.
UPDATELUCKYLEAP.EXE is adware. You should remove the file UPDATELUCKYLEAP.EXE.
Kill the UPDATELUCKYLEAP.EXE process and remove UPDATELUCKYLEAP.EXE from Windows.
Malware Analysis of UPDATELUCKYLEAP.EXE
Full path on a computer: %Program Files%\lucky leap\updateluckyleap.exe
Detected by UnHackMe:
UPDATELUCKYLEAP.EXE
Default location: %Program Files%\lucky leap\updateluckyleap.exe
Removal Results: Success
Number of reboots: 1
UPDATELUCKYLEAP.EXE is known as:
Adware.BrowseFox
UPDATELUCKYLEAP.EXE hash:
- MD5: 9069ad8b5821339419a5843db04b7f92
The file tries to connect to a dangerous web site.
How to quickly detect the presence of UPDATELUCKYLEAP.EXE?
Registry:
- HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update lucky leap\EventMessageFile: “%WinDir%\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll”
- HKLM\System\CurrentControlSet\Services\Update lucky leap\ImagePath: “"%Program Files%\lucky leap\updateluckyleap.exe"”
- HKLM\System\CurrentControlSet\Services\Update lucky leap\DisplayName: “Update lucky leap”
- HKLM\System\CurrentControlSet\Services\Update lucky leap\ObjectName: “LocalSystem”
- HKLM\System\CurrentControlSet\Services\Eventlog\Application\Sources: ‘Update lucky leap WSH WMIAdapter WMI.NET Provider Extension WmdmPmSN WinMgmt Winlogon Windows Product Activation Windows 3.1 Migration WebClient VSSetup VSS vmtools VBRuntime Userinit Userenv TPVCGateway Tlntsvr System.ServiceModel 4.0.0.0 System.Runtime.Serialization 4.0.0.0 System.IO.Log 4.0.0.0 System.IdentityModel 4.0.0.0 SysmonLog Starter SpoolerCtrs Software Restriction Policies Software Installation ServiceModel Audit 4.0.0.0 SecurityCenter SclgNtfy SceSrv SceCli safrslv SAFrdms RPC Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Outlook Offline Files Oakley ntbackup MSSQLSERVER/MSDE MSSOAP MSSHA MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft.Transactions.Bridge 4.0.0.0 Microsoft H.323 Telephony Service Provider Microsoft (R) Visual C# 2005 Compiler LoadPerf HelpSvc Folder Redirection File Deployment EventSystem ESENT DrWatson Dot3Svc DiskQuota crypt32 COM+ COM Ci Chkdsk CardSpace 4.0.0.0 AutoEnrollment Autochk ASP.NET 4.0.30319.0 ASP.NET 2.0.50727.0 Application Management Application Hang Application Error .NET Runtime Optimization Service .NET Runtime 4.0 Error Reporting .NET Runtime 2.0 Error Reporting .NET Runtime Application’
Folders:
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_0
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\Temp
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings\eiimolhnbbbdagljikeckdkldgemmmlj
- %Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\9\ED
- %Program Files%\lucky leap
Files:
- %Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\bookmarkbackups\bookmarks-2013-09-18.json
- %Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\extensions\firefox@luckyleap.net.xpi
- %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_000058
- %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_000059
- %Local Appdata%\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eiimolhnbbbdagljikeckdkldgemmmlj_0.localstorage
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_0\background.js
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_0\content.js
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_0\icon.png
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj\1.0.0_0\manifest.json
- %Local Appdata%\Google\Chrome\User Data\Default\History Index 2013-09
- %Local Appdata%\Google\Chrome\User Data\Default\History Index 2013-09-journal
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings\eiimolhnbbbdagljikeckdkldgemmmlj\000003.log
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings\eiimolhnbbbdagljikeckdkldgemmmlj\CURRENT
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings\eiimolhnbbbdagljikeckdkldgemmmlj\LOCK
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings\eiimolhnbbbdagljikeckdkldgemmmlj\LOG
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings\eiimolhnbbbdagljikeckdkldgemmmlj\MANIFEST-000002
- %Local Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\Cache\9\ED\FB4ECd01
- %Temp%\1fae_appcompat.txt
- %Program Files%\lucky leap\eiimolhnbbbdagljikeckdkldgemmmlj.crx
- %Program Files%\lucky leap\luckyleap.Common.dll
- %Program Files%\lucky leap\luckyleap.ico
- %Program Files%\lucky leap\luckyleapUninstall.exe
- %Program Files%\lucky leap\Microsoft.Win32.TaskScheduler.dll
- %Program Files%\lucky leap\sqlite3.exe
- %Program Files%\lucky leap\updateluckyleap.exe
- %Program Files%\lucky leap\updateluckyleap.InstallState