home

gcupdater.exe

Noverix Enterpriprise Ltd.

The application gcupdater.exe by Noverix Enterpriprise has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler named JoyvyUpdate triggered to execute each time a user logs in.
Publisher:
Noverix Enterpriprise Ltd.  (signed and verified)

MD5:
883e8b1914e2da2f39de8b34f1f7fd49

SHA-1:
b78cdc7d20f61f7878e95747580635600446c948

SHA-256:
8b926150c27a9152a9c86f102f28495452051d0a79e6f7937686711e427efca6

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/27/2024 12:33:02 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Blisbury (M)
17.2.11.15

File size:
176.2 KB (180,464 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\joyvy\gcupdater.exe

Digital Signature
Signed by:
Noverix Enterpriprise Ltd.

Authority:
DigiCert Inc

Valid from:
12/17/2012 3:00:00 AM

Valid to:
12/22/2014 3:00:00 PM

Subject:
CN=Noverix Enterpriprise Ltd., O=Noverix Enterpriprise Ltd., L=Road Town, S=Tortola, C=VG

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0D69D58F1B3EF4A92C6AF2BCCB515EDD

File PE Metadata
Compilation timestamp:
4/4/2013 3:38:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x7600

Code size:
62 KB (63,488 bytes)

Scheduled Task
Task name:
JoyvyUpdate

Trigger:
Logon (Runs on logon)


Remove gcupdater.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.