NETWORK SETUP WIZARD.EXE – Backdoor IRCBot

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

NETWORK SETUP WIZARD.EXE – Backdoor IRCBot removal

File MD5 Virus Alias
NETWORK SETUP WIZARD.EXE 13e7382423a171c2bd3f05330ee933ab Backdoor IRCBot
NETWORK SETUP WIZARD.EXE 13e7382423a171c2bd3f05330ee933ab Backdoor Maximus
NETWORK SETUP WIZARD.EXE 13e7382423a171c2bd3f05330ee933ab Trojan Delphi
NETWORK SETUP WIZARD.EXE 13e7382423a171c2bd3f05330ee933ab Trojan Delf

NETWORK SETUP WIZARD.EXE size: 692117 bytes
NETWORK SETUP WIZARD.EXE hash: 13E7382423A171C2BD3F05330EE933AB

Created files:

%SysDir%\sIRC4.exe
%SysDir%\xdccPrograms\Network Setup Wizard.exe
%SysDir%\xdccPrograms\Opera_1161_int_Setup.exe
%SysDir%\xdccPrograms\Wireless Network Setup Wizard.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: Explorer.exe sIRC4.exe

Detected by UnHackMe:

NETWORK SETUP WIZARD.EXE
Default location: %SYSDIR%\XDCCPROGRAMS\NETWORK SETUP WIZARD.EXE

Dropper information:
MD5: 13e7382423a171c2bd3f05330ee933ab
File size: 692117 bytes

Leave a Reply