epuhelp.exe – Both malware and legit

There’s a legitimate file name epuhelp.exe, but also a malware file which resides in the roaming startup folder. Here are the detection results for the malware variant of epuhelp.exe:

  • Symantec WS.Reputation.1
  • Avast Win32:Dropper-gen [Drp]
  • Fortinet W32/Redyms.AF!tr
  • Comodo UnclassifiedMalware
  • AhnLab-V3 Trojan/Win32.Redyms
  • VIPRE Trojan.Win32.Generic!BT
  • Emsisoft Trojan.GenericKD.1516999 (B)
  • Ad-Aware Trojan.GenericKD.1516999
  • BitDefender Trojan.GenericKD.1516999
  • F-Secure Trojan.GenericKD.1516999
  • GData Trojan.GenericKD.1516999
  • MicroWorld-eScan Trojan.GenericKD.1516999
  • TrendMicro-HouseCall TROJ_GEN.F47V0125
  • Norman Suspicious_Gen4.FRVNE
  • Panda Suspicious file
  • Qihoo-360 HEUR/Malware.QVM20.Gen
  • AVG Crypt2.CJNF
  • McAfee Artemis!DBF5F8C5A151
  • McAfee-GW-Edition Artemis!DBF5F8C5A151
  • Baidu-International Adware.Win32.iBryte.BTOF
  • ESET-NOD32 a variant of Win32/Kryptik.BTOF

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s