We checked up the file AUDIODEVICE.EXE and found it hazardous.
The file AUDIODEVICE.EXE must be deleted from the system immediately.
Kill the process AUDIODEVICE.EXE and remove AUDIODEVICE.EXE from the Windows startup.
Malware Analysis of AUDIODEVICE.EXE
Full path on a computer: %Appdata%\sound\audiodevice.exe
Detected by UnHackMe:
AUDIODEVICE.EXE
Default location: %Appdata%\sound\audiodevice.exe
Removal Results: Success
Number of reboot: 1
AUDIODEVICE.EXE is known as:
Trojan.DarkKomet, Backdoor.DarkKomet.xyk, Backdoor.Agent.XAB, BackDoor.Comet.152, Backdoor.Fynloski.A (v), BDS.DarkKomet.GR, Troj.Backdr-ID, Hack.HuigeziT.cz, Backdoor.Fynloski.A, Backdoor.Agent.674304.A, Backdoor.DarkKomet, Backdoor.Graybird.rem, Win32.Fynloski.AA, Backdoor.Pontoeb.4DF0, Trojan.CDur, W32.DarkKomet.ID.tr.bdr, BackDoor.Delf.DMT, Trj.Packed.B
AUDIODEVICE.EXE hash:
- MD5: fc77e7c4fef198d15ebab5e11a942a26
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect AUDIODEVICE.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\graphics: “%Appdata%\sound\audiodevice.exe”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: “%SysDir%\userinit.exe,%Appdata%\sound\audiodevice.exe”
Folders:- %Appdata%\sound
Files:- %Appdata%\sound\audiodevice.exe