PUP.Optional.WinZipDriverUpdater removal

PUP.Optional.WinZipDriverUpdater is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the PUP.Optional.WinZipDriverUpdater virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Collects information about installed applications

How to identify PUP.Optional.WinZipDriverUpdater?


File Info:

name: 208D6230347E524925A8.mlw
path: /opt/CAPEv2/storage/binaries/d51e357f572ae11df9a0cc4f5d7416de3699b974aa74f092269449d6003fac53
crc32: 3B298A1D
md5: 208d6230347e524925a8c95d9fa76c67
sha1: d1c6e3549fb431481748fe221fd07225e26d743b
sha256: d51e357f572ae11df9a0cc4f5d7416de3699b974aa74f092269449d6003fac53
sha512: b7fce7f9f3739119cdff2c4abc86fb3e72fa4be9216ce6154389cb60b407d29fe42efac74df36109b5c3e6fe68ad9daef39ae6f6ca5a71e2405e8e6f70d3d8b5
ssdeep: 196608:gaw+9Nk23lUoVU7zhkY0blFUvohyQ7F2tmzLvS+ltCjadRJqxdVCtpf7hyFk/vbV:gkU8lUom7z2p3PVAtmzy0JmMhUk/vsA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F6F633573226290FFB9671BADC1B80546B34FF238C8D646FB29677192F31AD1D962B00
sha3_384: e60eefd4645abc470319cf751de22083299d2e4cdd46ef3712f8849b3e486286b6d1ba5a5301d928572e6e2520a27d33
ep_bytes: 81ecd4020000535556576a2033ed5e89
timestamp: 2010-04-10 12:19:31

Version Info:

CompanyName: Corel Corporation
FileDescription: WinZip Driver Updater installer
FileVersion: 5.40.0.20
InternalName: DriverUpdater.exe
LegalCopyright: Copyright © 1991-2021 Corel Corporation. All Rights Reserved.
OriginalFileName: WZDUSetup_5.40.0.20.exe
ProductName: WinZip Driver Updater
ProductVersion: 5.40.0.20
Translation: 0x0409 0x0000

PUP.Optional.WinZipDriverUpdater also known as:

CAT-QuickHeal: Trojan.Agent
Malwarebytes: PUP.Optional.WinZipDriverUpdater
ESET-NOD32: a variant of Win64/DriverReviver.A potentially unwanted
DrWeb: Program.Unwanted.4845
GData: Win32.Application.DriverReviver.A
Fortinet: Adware/DriverReviver
CrowdStrike: win/grayware_confidence_70% (D)

How to remove PUP.Optional.WinZipDriverUpdater?

PUP.Optional.WinZipDriverUpdater removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
