A few days ago, I started getting download pop-ups for something called Winupd (usually followed by four numbers that varied from pop-up) on the downstairs computer (a Windows 7).
Today, I finally decided to google what this was and discovered that's it's a very evil virus that gives people external control over your computer. I quickly found a few guides to get rid of it. One said to open up Task Manager and see if it's currently running: it was nowhere in Task Manager.
Another said to look in the various sections of your computer to see if you could find a file named winupd.exe; and it wasn't there. What should I do?

Apologies if you've already tried this, but did you check the processes tab?

Also, mayhaps try a system restore?

I checked the processes tab.

What will restore do?

I checked the processes tab.

What will restore do?

Restore your computer to an earlier save point. If this is before the program was installed, it generally (but not always) will get rid of it.

Standard treatment process:
Acquire a known and capable anti-malware (specifically malware, not general antivirus; the malware ones tend to be better for specific treatments) program, such as MalwareBytes or (for the more hands-on inclined, since it doesn't do automatic ID and removal, just tells you everything going on in your registry) HijackThis.

Reboot your computer into Safe mode (restart the computer. While it's booting, press and hold F8 until you see the 'advanced startup options' screen.) This launches the OS in the bare minimum necessary mode, and disables many of the simpler and more common protections viruses and other malware use to prevent themselves from being discovered and removed by protective software.

Run your anti-malware and tell it to scan. Go make a sandwich, have a cup of coffee, and catch up a bit on your reading, whatever- this bit can take a while. Sooner or later the scan will be complete, and hopefully the program will have found your problem. Tell it 'yes, I want you to fix this', and let it do what it does. Your virus should now be removed- if you want to be certain, do another reboot-safe mode-scan round. If you're less patient/paranoid, reboot to a normal startup and see if the computer continues to behave strangely.

A few days ago, I started getting download pop-ups for something called Winupd (usually followed by four numbers that varied from pop-up) on the downstairs computer (a Windows 7).
Today, I finally decided to google what this was and discovered that's it's a very evil virus that gives people external control over your computer. I quickly found a few guides to get rid of it. One said to open up Task Manager and see if it's currently running: it was nowhere in Task Manager.
Another said to look in the various sections of your computer to see if you could find a file named winupd.exe; and it wasn't there. What should I do?

Quick note.

Windows Update I find has a tendancy to once in a while have it's ports open, and thus spam/spyware gets in.
So when Windows Update tells me there are updates, I write down the number next to the update, and google it. 9 times out of 10 it's been legit. But sometimes, it's been fraudulent.
When you find yourself in this situation, immediately go and do a virus scan, that usually clears everything right up. Make sure your virus scan definitions are up to date.

If you need a free virus scanner that is dependable, look up AVG. Free gets you a firewall and virus scanning. I'd argue that it is better than Norton or McAfee but that has just been my personal experience.


Lastly, Facebook games are notorious for spyware right now. Not much of it is malicious, but be careful.

If you're getting the download pop-ups but have never downloaded the thing, then you ought to be safe? WINUPD is, as far as I know, a Trojan and thus requires you to actually install it yourself before it'll do anything.

The other advice would be to stop visiting the website where you're getting this pop-up, of course... :smallsmile:

I have found and deleted the Winupd files, and the problem seems to be solved.