I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
DEVIL.EXE – Backdoor Bifrose removal
| File | MD5 | Virus Alias |
|---|---|---|
| DEVIL.EXE | 338ce9ca3023e6233cd875f6c955a9c4 | Backdoor Bifrose |
| DEVIL.EXE | 338ce9ca3023e6233cd875f6c955a9c4 | Trojan MulDrop4 |
| DEVIL.EXE | 338ce9ca3023e6233cd875f6c955a9c4 | Trojan Eldorado |
| DEVIL.EXE | 338ce9ca3023e6233cd875f6c955a9c4 | Trojan Agent |
| DEVIL.EXE | 338ce9ca3023e6233cd875f6c955a9c4 | Trojan ADH |
| DEVIL.EXE | 338ce9ca3023e6233cd875f6c955a9c4 | Virus CeeInject |
DEVIL.EXE size: 93314 bytes
DEVIL.EXE hash: 338CE9CA3023E6233CD875F6C955A9C4
Created files:
%SysDir%\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\devil.exe
%SysDir%\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\U94.exe
%Temp%\IXP000.TMP\devil.exe
%Temp%\IXP000.TMP\U94.exe
%Temp%\~nvasvniubiumugh
%Temp%\~palmwhjoaijbmli
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 “%Temp%\IXP000.TMP\”
Detected by UnHackMe:
DEVIL.EXE
Default location: %SYSDIR%\SOFTWAREDISTRIBUTION\SETUP\SERVICESTARTUP\WUPS2.DLL\7.4.7600.226\DEVIL.EXE
Dropper information:
MD5: 00fefbc50153fb04c96ecf6d31995f9a
File size: 666071 bytes