Comprolive.com offers free remote tech support using Google Chrome Remote Desktop. Please contact sanjayrajure(at)gmail.com by GMail/ GTalk/ Audio/ Video.

Buddycheck.exe

Last Updated on Friday, 10 August 2012 08:39 Sunday, 04 April 2010 16:42

Harmful - EXE

A file by the name buddycheck.exe is created by a computer virus program that affects the computers running on the Microsoft windows operating systems. It's analysis report is given below

A software called  Nuotex BuddyCheck seems to be a legitimate application, however the above report indicates that the installer of this software has been altered so as to induce the bifrost virus files along with the program.

Files and folders found - view
%Programs%\BuddyCheck.lnk
%AppData%\addons.dat
%AppData%\Bifrost\buddycheck.exe
%Temp%\mohz.exe
C:\Windows\System32\Bifrost\buddycheck.exe
%AppData%\Bifrost\logg.dat
C:\Windows\System32\Bifrost\logg.dat
%DesktopDir%\BuddyCheck.lnk
%Temp%\BuddyCheck-1.0.3-Setup.exe
%Temp%\nsk3.tmp\InstallOptions.dll
C:\Program Files\BuddyCheck\BuddyCheck.exe
C:\Program Files\BuddyCheck\History.txt
C:\Program Files\BuddyCheck\License.txt
C:\Program Files\BuddyCheck\uninst.exe
C:\Program Files\BuddyCheck\YMSGAuth.exe
C:\Program Files\BuddyCheck\YMSGAuth.txt

Folders
%AppData%\Bifrost
%AppData%\Nuotex
%Temp%\nsk3.tmp
C:\Program Files\BuddyCheck
C:\Windows\System32\Bifrost

 

(Full path for the short folder names)

This virus is identified as trojan Bifrost. Read more about trojan Bifrost on this page

There may be more files created by this virus program. You can find them out. First locate and note down the "date of creation" of "buddycheck.exe", and after that, search the hard disk for other files created on that date or onward. See image

Necessary steps required to remove this virus program

  • To remove processes created by the virus program from the Task Manager
  • To search and delete files created by the virus program from the hard disk. Enable to view "hidden files and folders" before you search. Otherwise files created by the virus program inside the hidden folders will not be found
  • To remove obsolete registry keys using CCleaner

Detailed instructions and free Tools

Preventive steps to avoid virus programs

Reprinted with permission from Threatexpert.com

Disclaimer

 Vocabulary of the technical terms used in this article

< Prev   Next >

Main Menu

Home
----Sections----
Harmful Files
Virus Removal
Trojan Removal
Worms Removal
Rogues Removal
Unwanted Apps
Removal Tools
Current News
----Articles----
Warning/ Disclaimer
Common Folders
Preventive Measures
Removal Instructions
Video Tutorials
----Site Info----
Sitemap
About/Contact
Privacy Policy
Search this site
FAQ

Subscribe to me on YouTube