Trojan.Nsis.Downloader.dbtvju

Trojan.Nsis.Downloader.dbtvju is also known as Trojan.Agent.BDYY, not-a-virus:Downloader.NSIS.Agent.jl, and Suspicious_GEN.F47V0709.

Malware Analysis of Trojan.Nsis.Downloader.dbtvju

Created files:


Detected by UnHackMe:

UNLOAD.EXE
Default location: %PROGRAM FILES%\STPONLINE\UNLOAD.EXE

Written by Malware Hunter.
