Backdoor

How to remove “Redosdru.Backdoor.Bot.DDS”?

Malware Removal

Redosdru.Backdoor.Bot.DDS is the Malwarebytes detection name for this sample; most other vendors classify it as the Zegost/Bjlog backdoor, and several (Kaspersky, Fortinet, Ikarus, Jiangmin, Antiy-AVL) flag it as a password stealer (Trojan-PSW); see the detection list below. While the infection is active you may notice unfamiliar processes in Task Manager. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

Removing malware manually can take hours and may damage the system in the process. We recommend using GridinSoft Anti-Malware for removal; the trial version allows a complete scan and cleaning of your PC.
A 6-day free trial is available.

What can Redosdru.Backdoor.Bot.DDS do?

The sandbox report lists only static indicators for this file; they describe how the binary was built rather than what it does at runtime. The behaviour class comes from the vendor names below (backdoor, dropper, password stealer):

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Executable file is packed/obfuscated with ASPack
  • Authenticode signature is invalid

How to identify Redosdru.Backdoor.Bot.DDS?

File Info:

name: CEFCF8D8478EC63AC38A.mlw
path: /opt/CAPEv2/storage/binaries/ee144517b4581f417cd58ab32f0f82df20fe9ed0a3b287fb52e22e76c3b329e8
crc32: D66A5A65
md5: cefcf8d8478ec63ac38a54018358fec6
sha1: 4703eafd1d511f329e5996558046bb9e63e8d845
sha256: ee144517b4581f417cd58ab32f0f82df20fe9ed0a3b287fb52e22e76c3b329e8
sha512: 105d8edb7fbe256db46928b299d2a45057fa44a0ffcc377b5db10522f371d40b8bb3a418bb41b774fe1eaa867c91ae28749ccc546edbdb5671b4eee2d6087481
ssdeep: 6144:mfVWnnWKqEF5BwyqhPmeYPO0cTBlhHrfndnU:kOWPQfEPjYPO0cT3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T160149D53EAC180F5D959167480EFB77A66FB5B4407081EC3BB84EEE504E31509A3ADCB
sha3_384: d45a04cbbbc92b5ac8fed125784d2da66725331805c08312cd794c3d3ecd2d5fe0d52a2a43d160b1461e082e11472774
ep_bytes: 558bec6aff686811400068004b400064
timestamp: 2010-07-14 21:49:33
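The static indicators above (ASPack packing, missing or invalid Authenticode signature) and the file info (ep_bytes, sha256) can be checked without a sandbox. The script below is an added example, not code from the page, GridinSoft or CAPE: it parses the PE header with the Python standard library only, and the binary it inspects is a constructed fixture built by build_pe(), not the real sample. Assumptions: ASPack-packed files carry sections named .aspack and .adata (the packer's usual names), and the signature test only reports whether a certificate table is present, since deciding that a present signature is invalid requires verifying the certificate chain.

```python
import hashlib
import struct

# Indicators copied from the page: the sample's SHA-256 and the bytes at its
# entry point (ep_bytes). Section names are the ones ASPack normally adds.
KNOWN_SHA256 = "ee144517b4581f417cd58ab32f0f82df20fe9ed0a3b287fb52e22e76c3b329e8"
KNOWN_EP_BYTES = bytes.fromhex("558bec6aff686811400068004b400064")
ASPACK_SECTIONS = {b".aspack", b".adata"}
CERT_TABLE = 4  # data directory index of the Authenticode certificate table


def parse_pe(data: bytes) -> dict:
    """Pull the header fields the triage needs from a PE32 or PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]
    dirs = opt + (96 if magic == 0x10B else 112)  # PE32 vs PE32+ layout
    ndirs = struct.unpack_from("<I", data, dirs - 4)[0]
    cert = (0, 0)
    if ndirs > CERT_TABLE:  # certificate table entry is a file offset, not an RVA
        cert = struct.unpack_from("<II", data, dirs + 8 * CERT_TABLE)
    sections = []
    for i in range(nsec):
        hdr = opt + opt_size + 40 * i
        vsize, va, rsize, rptr = struct.unpack_from("<IIII", data, hdr + 8)
        sections.append({"name": data[hdr:hdr + 8].rstrip(b"\0"), "va": va,
                         "vsize": vsize, "raw": rptr, "rsize": rsize})
    return {"machine": machine, "ep_rva": ep_rva, "cert": cert, "sections": sections}


def rva_to_offset(sections: list, rva: int):
    """Translate an RVA to a file offset through the section table."""
    for s in sections:
        if s["va"] <= rva < s["va"] + max(s["vsize"], s["rsize"]):
            return s["raw"] + (rva - s["va"])
    return None


def triage(data: bytes) -> list:
    """Return the indicators from this page that hold for `data`."""
    pe = parse_pe(data)
    flags = []
    if {s["name"].lower() for s in pe["sections"]} & ASPACK_SECTIONS:
        flags.append("packed_with_aspack")
    if pe["cert"][1] == 0:  # presence only; a present signature still needs chain validation
        flags.append("no_authenticode_signature")
    off = rva_to_offset(pe["sections"], pe["ep_rva"])
    if off is not None and data[off:off + len(KNOWN_EP_BYTES)] == KNOWN_EP_BYTES:
        flags.append("entry_point_bytes_match")
    if hashlib.sha256(data).hexdigest() == KNOWN_SHA256:
        flags.append("sha256_match")
    return flags


def _align(n: int, a: int) -> int:
    return (n + a - 1) // a * a


def build_pe(sections: list, signed: bool = False) -> bytes:
    """Constructed PE32 fixture (not a real binary): `sections` is a list of
    (name, bytes); the entry point is the start of the first section."""
    nsec, opt_size, falign = len(sections), 224, 0x200
    hdr_len = _align(0x40 + 4 + 20 + opt_size + 40 * nsec, falign)
    table, body, raw_ptr, va = b"", b"", hdr_len, 0x1000
    for name, raw in sections:
        raw = raw.ljust(_align(len(raw), falign), b"\0")
        table += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", len(raw), va, len(raw), raw_ptr, 0, 0, 0, 0, 0x60000020)
        body, raw_ptr, va = body + raw, raw_ptr + len(raw), va + _align(len(raw), 0x1000)
    cert = b"\0" * 0x100 if signed else b""  # dummy WIN_CERTIFICATE blob
    dirs = [(0, 0)] * 16
    if signed:
        dirs[CERT_TABLE] = (hdr_len + len(body), len(cert))
    opt = struct.pack("<HBBIIIIIIIII", 0x10B, 0, 0, 0, 0, 0,
                      0x1000, 0x1000, 0x2000, 0x400000, 0x1000, falign)
    opt += struct.pack("<HHHHHHIIIIHHIIIIII", 4, 0, 0, 0, 4, 0, 0, va, hdr_len, 0,
                       2, 0, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, nsec, 0, 0, 0, opt_size, 0x0102)
    return (dos + coff + opt + table).ljust(hdr_len, b"\0") + body + cert


if __name__ == "__main__":
    # Fixture mimicking the page's indicators: ASPack sections, no signature,
    # and the listed ep_bytes at the entry point.
    sample = build_pe([(b".aspack", KNOWN_EP_BYTES + b"\xcc" * 32), (b".adata", b"\0" * 16)])
    print(triage(sample))
    print(triage(build_pe([(b".text", b"\x90" * 16)], signed=True)))
```

Against a real file, replace the fixture with `triage(open(path, "rb").read())`; only the sha256 check is a positive identification of this sample, the other three are triage hints that also fire on legitimate ASPack-packed or unsigned software.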

Version Info:

CompanyName: Microsoft Corporation
FileDescription: 360杀毒 主程序 ("360 Antivirus main program")
FileVersion: 5.2.3790.4021 (srv03_sp2_qfe.070211-2318)
InternalName: VSSVC.EXE
LegalCopyright: (C) Microsoft Corporation. All rights reserved.
OriginalFilename: VSSVC.EXE
ProductName: 360杀毒 主程序 ("360 Antivirus main program")
ProductVersion: 5.2.3790.4021
Translation: 0x0804 0x04b0 (Chinese Simplified, Unicode)

The version resource contradicts itself: the company, copyright and version fields and the file name VSSVC.EXE are copied from Microsoft's Volume Shadow Copy service binary, while the description and product name claim to be Qihoo 360's antivirus, and the resource language is Chinese (Simplified). Neither a genuine Microsoft nor a genuine 360 binary would mix these, so the mismatch by itself is a useful hunting indicator.

Redosdru.Backdoor.Bot.DDS also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Doina.18368
ClamAV: Win.Trojan.Zegost-9758778-0
FireEye: Generic.mg.cefcf8d8478ec63a
ALYac: Gen:Variant.Doina.18368
Malwarebytes: Redosdru.Backdoor.Bot.DDS
Zillya: Trojan.Bjlog.Win32.4121
Sangfor: Suspicious.Win32.Save.ins
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 0016e1f71 )
K7AntiVirus: Trojan ( 0016e1f71 )
BitDefenderTheta: Gen:NN.ZexaF.36318.mm0@a8OlXwbb
VirIT: Trojan.Win32.Generic.UEH
Cyren: W32/Zegost.F.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Redosdru.FP
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-PSW.Win32.Bjlog.dxuu
BitDefender: Gen:Variant.Doina.18368
NANO-Antivirus: Trojan.Win32.Bjlog.ikjxl
Avast: Win32:Zegost-C [Trj]
Emsisoft: Gen:Variant.Doina.18368 (B)
Baidu: Win32.Backdoor.Zegost.b
F-Secure: Backdoor:W32/Bjlog.D
DrWeb: Trojan.Ludo.27
VIPRE: Gen:Variant.Doina.18368
TrendMicro: TROJ_ZEGOST.SME
McAfee-GW-Edition: BehavesLike.Win32.Worm.ch
Trapmine: malicious.high.ml.score
Sophos: Mal/Zegost-C
SentinelOne: Static AI – Malicious PE
GData: Win32.Trojan-Dropper.Zegost.E
Jiangmin: Trojan/PSW.Bjlog.cau
Webroot: W32.Trojan.Gen
Avira: TR/Hijacker.Gen
Antiy-AVL: Trojan[PSW]/Win32.Bjlog
Xcitium: Backdoor.Win32.Zegost.B@1qlsm2
Arcabit: Trojan.Doina.D47C0
ZoneAlarm: Trojan-PSW.Win32.Bjlog.dxuu
Microsoft: TrojanDropper:Win32/Zegost.B
Google: Detected
AhnLab-V3: Trojan/Win32.Bjlog.R15323
McAfee: GenericRXCV-AG!CEFCF8D8478E
MAX: malware (ai score=83)
VBA32: TScope.Malware-Cryptor.SB
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_ZEGOST.SME
Rising: Backdoor.Bjlog!1.D1D9 (CLASSIC)
Yandex: Trojan.Zegost.Gen.5
Ikarus: Trojan-PWS.Win32.Bjlog
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Bjlog.LBY!tr.pws
AVG: Win32:Zegost-C [Trj]
DeepInstinct: MALICIOUS
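A list like this is easier to read once the category and platform words (Trojan, Backdoor, Win32, Gen, variant suffixes) are stripped and the remaining tokens are counted per vendor; the name in the page title then turns out to be a minority label. The script below is an added example, not the page's own tooling: it runs on a constructed subset of the entries above, and the stop-word list and the four-character minimum are assumptions chosen for this list rather than a standard.

```python
import re
from collections import Counter

# Constructed input: a subset of the vendor results listed on this page,
# one "vendor: detection name" line each.
SAMPLE_DETECTIONS = """\
Malwarebytes: Redosdru.Backdoor.Bot.DDS
ESET-NOD32: a variant of Win32/Redosdru.FP
Kaspersky: Trojan-PSW.Win32.Bjlog.dxuu
F-Secure: Backdoor:W32/Bjlog.D
Fortinet: W32/Bjlog.LBY!tr.pws
Avast: Win32:Zegost-C [Trj]
Sophos: Mal/Zegost-C
Microsoft: TrojanDropper:Win32/Zegost.B
GData: Win32.Trojan-Dropper.Zegost.E
BitDefender: Gen:Variant.Doina.18368
Emsisoft: Gen:Variant.Doina.18368 (B)
ClamAV: Win.Trojan.Zegost-9758778-0
"""

# Category and platform words that carry no family information (assumed list).
STOP_WORDS = {"trojan", "trojandropper", "dropper", "backdoor", "variant", "win32",
              "generic", "malicious", "malware", "suspicious", "detected", "unsafe",
              "agent", "heur", "packed", "hijacker"}


def family_tokens(name: str) -> set:
    """Split a detection name and keep only tokens that could be a family name."""
    keep = set()
    for tok in re.split(r"[^A-Za-z0-9]+", name.lower()):
        if len(tok) < 4 or tok.isdigit() or tok in STOP_WORDS:
            continue  # drops short suffixes (.FP, -C, [Trj]), variant numbers, categories
        keep.add(tok)
    return keep


def family_consensus(detections: str) -> list:
    """Count how many vendors use each candidate family token, one vote per
    vendor per token; result is sorted by votes, then alphabetically."""
    votes = Counter()
    for line in detections.splitlines():
        vendor, sep, name = line.partition(":")  # first colon separates the vendor
        if not sep:
            continue
        votes.update(family_tokens(name))
    return sorted(votes.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for family, n in family_consensus(SAMPLE_DETECTIONS)[:4]:
        print(f"{family:10s} {n} vendors")
```

On the subset embedded above the counts come out as zegost 5, bjlog 3, doina 2 and redosdru 2: Zegost and Bjlog are the labels most vendors attach to this file, and Redosdru is only the Malwarebytes/ESET name. Tokens such as "dxuu" (a Kaspersky variant suffix that happens to be four letters) survive the filter with a single vote, which is why only the top of the list is meaningful.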

How to remove Redosdru.Backdoor.Bot.DDS?

Redosdru.Backdoor.Bot.DDS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options and click “Reset”.
  • Restart your computer.

Because vendors classify this sample as a backdoor and a password stealer (Trojan-PSW), treat any credentials used on the machine while it was infected as exposed and change them from a clean device after removal.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
