BINDOK.EXE – Backdoor Hupigon removal
File | MD5 | Virus Alias |
---|---|---|
BINDOK.EXE | 553dc4f5e7ab449290a62bbab383bf4d | Backdoor Hupigon |
BINDOK.EXE | 553dc4f5e7ab449290a62bbab383bf4d | Trojan Genome |
BINDOK.EXE | 553dc4f5e7ab449290a62bbab383bf4d | Trojan Eldorado |
BINDOK.EXE | 553dc4f5e7ab449290a62bbab383bf4d | Trojan Downloader |
BINDOK.EXE | 553dc4f5e7ab449290a62bbab383bf4d | Trojan CI |
BINDOK.EXE | 553dc4f5e7ab449290a62bbab383bf4d | Worm Autorun |
BINDOK.EXE size: 88576 bytes
BINDOK.EXE hash: 553DC4F5E7AB449290A62BBAB383BF4D
Created files:
C:\misc.sys
%SysDir%\actmov.exe
%TEMP%\Bindok.exe
%TEMP%\IXP000.TMP\nod1.exe
%TEMP%\IXP000.TMP\SDT56218.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\ReStoreSdtSvc\Type: 01000000
HKLM\System\CurrentControlSet\Services\ReStoreSdtSvc\Start: 03000000
HKLM\System\CurrentControlSet\Services\ReStoreSdtSvc\DisplayName: ReStoreSdtSvc
HKLM\System\CurrentControlSet\Services\ReStoreSdtSvc\ImagePath: C:\misc.sys
HKLM\System\CurrentControlSet\Services\Windowsactmov\Type: 10010000
HKLM\System\CurrentControlSet\Services\Windowsactmov\Start: 02000000
HKLM\System\CurrentControlSet\Services\Windowsactmov\DisplayName: Performance Logs and Ale
HKLM\System\CurrentControlSet\Services\Windowsactmov\ImagePath: %WinDir%\System32\actmov.exe
Detected by UnHackMe:
BINDOK.EXE
Default location: %TEMP%\BINDOK.EXE
Dropper information:
MD5: 16216c8dbd358031dbdee98fb1960c68
File size: 1272124 bytes