Exterminate It! Antimalware

malpedia

Known threats:699,742 Last Update:October 27, 11:19

Testimonials

Matt,

Thanks so much for your help. For now, this seemed to have solved the problem and found all the infected files. I'll keep you updated, as I know this virus can be very hard to kill.

Thanks a million.

Jason

File: Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}

Location of Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} and Associated Malware

Check whether Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} is present in the following locations:

Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} file locations that are Windows version independent:

  • C:\Windows\System32\Tasks\Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}

If you find Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} File^

File SizeFile Md5Last Seen
360003907D1683D86C68522F0C3C190E0EC1Mar 13, 2017
36007E07BB4E9BE86F25ACB3A5B7AC69F94DMar 21, 2017
35984F757565351BABD7ED6E16A891AB3EB5Mar 22, 2017
3604E98D4E3F4805BC0251E89C33188860D1Mar 31, 2017
36069CABC0ED5010860FD8B6B778EE2E113EApr 5, 2017
3602DA5CCE9A2DFC60DD16607656BB506321Apr 10, 2017
359819E98193F502E344FF0D04FFDE2D03BAApr 13, 2017
360214CABC92714CFDE2FCEC2D76FDF44F82May 16, 2017
359850A75967D18679859311AE4A0ABB0E34May 21, 2017
373234E2A18CAE8375029AB01B06B21F79BEMay 23, 2017
3600AD63E3B05445DAC2AAE859BB858BA0B2Jun 4, 2017
3600FD27D29CB77BBBADC1FD6A1C38654538Jun 11, 2017

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}^

  1. To enable deleting the Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} and Associated Malware.
  6. Notes:

    • The deletion of Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}. The name of the first found registry value referencing Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873}, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of Tools_Update_{CFAC34AB-5DB5-4dea-94EC-1D42E3942873} and Associated Malware.