Windefender.exe - Virus Report

WinDefender.exe is a trojan that may represent security risk for your system.

Processes: WinDefender.exe

Files:

* %AppData%\data.dat
* %AppData%\WinDefender.exe

Registry:

Registry keys created :

* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{FA34EB86-3FC2-EEEA-EFB8-EED6A0DBD99A}
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run
* HKEY_CURRENT_USER\Software\Microsoft\Active Setup\Installed Components\{FA34EB86-3FC2-EEEA-EFB8-EED6A0DBD99A}

Registry values created :

* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{FA34EB86-3FC2-EEEA-EFB8-EED6A0DBD99A}
      o StubPath = "%AppData%\WinDefender.exe"
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run
      o Windows Defender = "%AppData%\WinDefender.exe"
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      o Windows Defender = "%AppData%\WinDefender.exe"
* HKEY_CURRENT_USER\Software\Microsoft\Active Setup\Installed Components\{FA34EB86-3FC2-EEEA-EFB8-EED6A0DBD99A}
      o StubPath = "%AppData%\WinDefender.exe"
* [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
      o Windows Defender = "%AppData%\WinDefender.exe"

This is a Virus that needs to be added to the avast definitions.


Welcome to the forums, genusis :slight_smile:

Thank you for reporting the information and hopefully it will be included soon.


Also, you can send this threat to virus(at)avast.com
Thanks…!
asyn