URDVXC.EXE is Worm Allaple

June 4, 2012 by NightWatcher
Filed under: Worm 
: Solved!

You should Download Removal Tool here...

The file URDVXC.EXE is a computer worm.
The worm URDVXC.EXE is a self-replicating malicious program,
which uses a computer network to send copies of itself to other computers.
You must fix the URDVXC.EXE problem as soon as possible!
Delete the file URDVXC.EXE from all infected computers in your network.
Set up your network firewall against URDVXC.EXE intervention.

Malware Analysis of URDVXC.EXE
Full path on a computer: %SysDir%\urdvxc.exe

Detected by UnHackMe:

Item Name: MSWindows
Author:
Related File: “%SysDir%\urdvxc.exe” /service
Type: Auto Services

Item Name: urdvxc.exe
Author: Unknown
Related File: %SYSDIR%\URDVXC.EXE
Type: Running Processes

Removal Results: Success
Number of reboot: 1

URDVXC.EXE is known as:

Worm.Allaple

URDVXC.EXE hash:

  • MD5: dff84900dfe4a8507bf146a461f355a8
How to quickly detect URDVXC.EXE presence?

Registry:
  • HKLM\System\CurrentControlSet\Services\MSWindows\ImagePath: “”%SysDir%\urdvxc.exe” /service”
  • HKLM\System\CurrentControlSet\Services\MSWindows\DisplayName: “Network Windows Service”
  • HKLM\System\CurrentControlSet\Services\MSWindows\Description: “Network Windows service management”
  • HKLM\System\CurrentControlSet\Services\MSWindows\FailureCommand: “%SysDir%\urdvxc.exe”
Files:
  • %Program Files Common%\Microsoft Shared\Smart Tag\1049\hjeskhbe.exe
  • %Program Files Common%\Microsoft Shared\Stationery\bcwvzwbh.exe
  • %Program Files Common%\Microsoft Shared\Stationery\bhrhnkht.exe
  • %Program Files Common%\Microsoft Shared\Stationery\bnbtzwxt.exe
  • %Program Files Common%\Microsoft Shared\Stationery\brvrjrke.exe
  • %Program Files Common%\Microsoft Shared\Stationery\bzqlkhrh.exe
  • %Program Files Common%\Microsoft Shared\Stationery\czjevcet.exe
  • %Program Files Common%\Microsoft Shared\Stationery\ehbebsrn.exe
  • %Program Files Common%\Microsoft Shared\Stationery\elwtjnbj.exe
  • %Program Files Common%\Microsoft Shared\Stationery\njbsvtll.exe
  • %Program Files Common%\Microsoft Shared\Stationery\nsqjttkv.exe
  • %Program Files Common%\Microsoft Shared\Stationery\qjllsjhl.exe
  • %Program Files Common%\Microsoft Shared\Stationery\tlcwjrwt.exe
  • %Program Files Common%\Microsoft Shared\Stationery\vkjljzrn.exe
  • %Program Files Common%\Microsoft Shared\Stationery\xrljqjzn.exe
  • %Program Files Common%\System\ado\tsektjkj.exe
  • %SysDir%\urdvxc.exe


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Tags: Allaple, URDVXC.EXE, Worm

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.