NETWORK SETUP WIZARD.EXE – Backdoor IRCBot

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

NETWORK SETUP WIZARD.EXE – Backdoor IRCBot removal

FileMD5Virus Alias
NETWORK SETUP WIZARD.EXE 44c62fd8694884fa782d6fa0c07498d2 Backdoor IRCBot
NETWORK SETUP WIZARD.EXE 44c62fd8694884fa782d6fa0c07498d2 Backdoor Maximus
NETWORK SETUP WIZARD.EXE 44c62fd8694884fa782d6fa0c07498d2 Trojan Delphi
NETWORK SETUP WIZARD.EXE 44c62fd8694884fa782d6fa0c07498d2 Trojan Delf

NETWORK SETUP WIZARD.EXE size: 1163593 bytes

Created files:

%SysDir%\sIRC4.exe
%SysDir%\xdccPrograms\Network Setup Wizard.exe
%SysDir%\xdccPrograms\Opera_1161_int_Setup.exe
%SysDir%\xdccPrograms\Wireless Network Setup Wizard.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: Explorer.exe sIRC4.exe

Detected by UnHackMe:

NETWORK SETUP WIZARD.EXE
Default location: %SYSDIR%\XDCCPROGRAMS\NETWORK SETUP WIZARD.EXE

Dropper information:
MD5: 54e9354a73fda92aedc68af8426dc4c5
File size: 1114004 bytes

Leave a Reply