Suspicious.Bifrose Description

Suspicious.Bifrose is a dangerous Trojan program that may drop malicious parasites onto an infected computer. Suspicious.Bifrose may surreptitiously give a remote attacker full access to a compromised PC. Suspicious.Bifrose may also disable the Windows Firewall in order to avoid being detected when dropping malicious files. If detected, the removal of Suspicious.Bifrose should be done as soon as possible.

Type: Trojans

How Can You Detect Suspicious.Bifrose?

Suspicious.Bifrose Technical Report

As new Suspicious.Bifrose details are reported by our customers and findings from our Threat Research Center, we will update this section.

Suspicious.Bifrose’s Country of Origin:

• China

Suspicious.Bifrose has typically the following processes in memory:

• %FontsDir%\iexplo.exe
• %ProgramFiles%\sovhst.exe
• %Windir%\MICROSOFT\winsys.dll
• %ProgramFiles%\Common Files\PushWare\cpush.dll
• %System%\dllcache\linkinfo.dll
• %ProgramFiles%\Common Files\PushWare\Uninst.exe

Suspicious.Bifrose creates the following registry entries:

• [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]

Important Article Disclaimer