Tuesday, October 21, 2008

Bidpher Trojan

Removing Bidpher
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Bidpher is also known as:

[Kaspersky] Backdoor.Win32.Agent.fo, SpamTool.Win32.Agent.s;
[McAfee] Spam-Mailbot;
[Other] Win32/Bidpher.G, Backdoor.Nibu, Win32/Bidpher, Win32/Bidpher.F, Trojan.Abwiz

How to detect Bidpher:

Registry Keys:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload

Removing Bidpher:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
