I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
NETBACKUP.EXE – Backdoor Hupigon removal
| File | MD5 | Virus Alias |
|---|---|---|
| NETBACKUP.EXE | 693368823c82411bc96336c9cddfb0d5 | Backdoor Hupigon |
| NETBACKUP.EXE | 693368823c82411bc96336c9cddfb0d5 | Trojan MLW |
| NETBACKUP.EXE | 693368823c82411bc96336c9cddfb0d5 | Trojan Eldorado |
| NETBACKUP.EXE | 693368823c82411bc96336c9cddfb0d5 | Trojan Downloader |
| NETBACKUP.EXE | 693368823c82411bc96336c9cddfb0d5 | Backdoor Nitol |
| NETBACKUP.EXE | 693368823c82411bc96336c9cddfb0d5 | Trojan Delf |
NETBACKUP.EXE size: 316466 bytes
NETBACKUP.EXE hash: 693368823C82411BC96336C9CDDFB0D5
Created files:
%SysDir%\netbackup.exe
%SysDir%\syst.dll
%Temp%\IXP000.TMP\4.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\netbackup\Type: 10010000
HKLM\System\CurrentControlSet\Services\netbackup\Start: 02000000
HKLM\System\CurrentControlSet\Services\netbackup\DisplayName: Remote Help & Control Service backup
HKLM\System\CurrentControlSet\Services\netbackup\ImagePath: %WinDir%\System32\netbackup.exe
HKLM\System\CurrentControlSet\Services\netctrl\Type: 10010000
HKLM\System\CurrentControlSet\Services\netctrl\Start: 02000000
HKLM\System\CurrentControlSet\Services\netctrl\DisplayName: Remote Help & Control Service
HKLM\System\CurrentControlSet\Services\netctrl\ImagePath: %WinDir%\System32\svchost.exe -k remoteservice
HKLM\System\CurrentControlSet\Services\netctrl\Info: xwimd54<=403*sodx'ogw>=678796:17?0;72,{??8???<
HKLM\System\CurrentControlSet\Services\netctrl\Enum\0: Root\LEGACY_netctrl\0000
HKLM\System\CurrentControlSet\Services\netctrl\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0073007900730074002E0064006C006C000000
Detected by UnHackMe:
NETBACKUP.EXE
Default location: %SYSDIR%\NETBACKUP.EXE
Dropper information:
MD5: 037a594815a727f03142860e16cca0f6
File size: 183808 bytes