xpupdate.exe was added to FreeFixer's database on the 27 Dec 2006. The most recent search for this file was done on 10 Apr 2007. xpupdate.exe is usually located in the 'C:\Windows\' folder.
Please note that the filename and the location of the file can vary. A list of the most common filename and folder variants are located ahead in this document.
So far there has been 14 searches for xpupdate.exe.
If you have additional information about the file, please share it with the FreeFixer users by posting a comment at the bottom of this page.
This file does not have any version information.
xpupdate.exe may also use other filenames. The most common variants are listed below:
xpupdate.exe may also be located in other folders than C:\Windows\. The most common variants are listed below:
To help other users, please let us know what you will do with the file:
The poll results listed below shows what other users choose to do with the file.
| Votes | |||
|---|---|---|---|
| Keep | 22.7 % | 15 | |
| Remove | 77.3 % | 51 |
NOTE: Please do not use this poll as the only source of input to determine what you will do with the file.
xpupdate.exe
The filename is associated with the malware group Generic5.NZV.Some files using the name
xpupdate.exe is a component of the Rogue Security software BraveSentry.
BraveSentry Description
BraveSentry is a rogue anti spyware program that hijacks the web browser and it is known to issue fake warnings on your computer in order to manipulate you into buying its full commercial version. It can also be installed from the BraveSentry website and has been forced onto the computer without EULA and users knownledge of installation. It does not actually detect parasites, but targets harmless system and software objects as threats in attempt to trick the user into purchasing the full version of BraveSentry. BraveSentry is related to SpySheriff and Spware-no.
XPUPDATE.EXE has been seen to perform the following behavior(s):
The Process is packed and/or encrypted using a software packing process
Adds a Registry Key (RUN) to auto start Programs on system start up This Process
Deletes Other Processes From Disk
Adds Products to the system registry
This Process Creates Other Processes On Disk
Can communicate with other computer systems using HTTP protocols
Modifies Windows Security Policies to restrict/expand User Privleges on the machine
Executes a Process
Modifies the Active Desktop Background
Deletes a Scheduled Task
Registers a Dynamic Link Library File
Created as a process on disk
Executed as a Process Added as a Registry auto start to load Program on Boot up
Deleted as a process from disk Writes to another Process's Virtual Memory (Process Hijacking) Executed from Temporary Folders Terminated as a Process
other Brave Sentry files
BraveSentrySetup[1].exe
dxvwabxj.exe
vxgame[X2].exe
voi[X1].exe
taskdir.exe
services.exe
maxd64.exe
kerneles8.exe
alg.exe
xpupdate.exe
win32.exe
vxh8jkdq[X2].exe
vxgamet[X2].exe
xpupdate.exe bravesentry.exe
win32.exe
vxh8jkdq[X2].exe
vxgamet[X2].exe
bravesentry.exe
To see a list of this malware's registry entries see here.
http://www.spywareremove.com/removeBraveSentry.html
XPUPDATE.EXE are also associated with the malware groups:
Trojan.Vundo Downloader.Drev.A SpywareQuake
An excellent Rogue security software database
http://ca.com/be/en/securityadvisor/pest/browse.aspx?cat=Rogue+Security+Software
# 1 Jan 2008, 10:04
SpamBUSTERS writes
9 thumbs