BRUZWB.EXE – Backdoor PcClien

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

BRUZWB.EXE – Backdoor PcClien removal

FileMD5Virus Alias
BRUZWB.EXE 0fd4d899c535c6189c2eca070814b976 Backdoor PcClien
BRUZWB.EXE 0fd4d899c535c6189c2eca070814b976 Trojan Eldorado
BRUZWB.EXE 0fd4d899c535c6189c2eca070814b976 Fake Antivirus SecurityShield
BRUZWB.EXE 0fd4d899c535c6189c2eca070814b976 Trojan Agent
BRUZWB.EXE 0fd4d899c535c6189c2eca070814b976 Backdoor IRCBot
BRUZWB.EXE 0fd4d899c535c6189c2eca070814b976 Backdoor Bifrose

BRUZWB.EXE size: 48128 bytes
BRUZWB.EXE hash: 0FD4D899C535C6189C2ECA070814B976

Created files:

%Program Files Common%\Microsoft Shared\bruzwb.dll
%Program Files Common%\Microsoft Shared\bruzwb.exe
%TEMP%\bruzwb.dll
%TEMP%\bruzwbreg.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\COMSysApp\Type: 10010000
HKLM\System\CurrentControlSet\Services\COMSysApp\Start: 02000000
HKLM\System\CurrentControlSet\Services\COMSysApp\ImagePath: 43003A005C00500072006F006700720061006D002000460069006C00650073005C0043006F006D006D006F006E002000460069006C00650073005C004D006900630072006F0073006F006600740020005300680061007200650064005C006200720075007A00770062002E00650078006500200063006F006D007300790073006100700070000000

Detected by UnHackMe:

BRUZWB.EXE
Default location: %PROGRAM FILES COMMON%\MICROSOFT SHARED\BRUZWB.EXE

Dropper information:
MD5: 0fd4d899c535c6189c2eca070814b976
File size: 48128 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images