Pushbot

By Sumo3000 in Worms

Translate To:

Threat Scorecard

Threat Level:	90 % (High)
Infected Computers:	323

First Seen:	July 24, 2009
Last Seen:	February 18, 2026
OS(es) Affected:	Windows

Pushbot is a computer worm that typically spreads via MSN Messenger. Pushbot will infiltrate a system and open an IRC-based backdoor through which a remote attacker can download additional malware onto the system. Pushbot will also send infected messages to a victim's MSN Messenger contacts and gather private data from protected storage. When inside a machine, Pushbot produces outbound traffic and creates a start-up registry entry to prevent its easy removal. A reliable security tool should be able to detect and completely remove Pushbot from an infected PC.

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Antivirus Vendor	Detection
AVG	Inject.DBT
AntiVir	TR/Agent.196608.4
eSafe	Win32.Trojan
McAfee	W32/Checkout!bi
AntiVir	Worm/Pushbot.A.205
McAfee	RDN/Generic Dropper!ii
CAT-QuickHeal	Worm.Gamarue.B
Panda	Trj/OCJ.D
AVG	SHeur4.BGGT
Fortinet	W32/Agent.HJNE!tr
Ikarus	Trojan-Dropper.Win32.Agent
McAfee-GW-Edition	PWS-FAVD!5F465959BE6B
AntiVir	Worm/Pushbot.A.207
Kaspersky	Trojan-Dropper.Win32.Agent.hjne
Avast	Win32:Downloader-SYZ [Trj]

SpyHunter Detects & Remove Pushbot

File System Details

Pushbot may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	35F0.tmp	8cd9856e736a8526b97e6f471cb93c4d	18
Name: 35F0.tmp MD5: 8cd9856e736a8526b97e6f471cb93c4d Size: 48.64 KB (48640 bytes) Detections: 18 Type: Temporary File Path: C:\Users\<username>\AppData\Roaming\35F0.tmp Group: Malware file Last Updated: August 27, 2022
2.	csdrive32.exe	0058e903630a7cd34c77ae3c758b114c	18
Name: csdrive32.exe MD5: 0058e903630a7cd34c77ae3c758b114c Size: 48.64 KB (48640 bytes) Detections: 18 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: September 7, 2012
3.	ghdrive32.exe	f8b34fd32cb8cd5ec923fad9feaae7e9	10
Name: ghdrive32.exe MD5: f8b34fd32cb8cd5ec923fad9feaae7e9 Size: 47 KB (47006 bytes) Detections: 10 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: December 25, 2020
4.	27C8.tmp	4e824d6926163f7163e2f2a25b0c7f69	8
Name: 27C8.tmp MD5: 4e824d6926163f7163e2f2a25b0c7f69 Size: 53.76 KB (53760 bytes) Detections: 8 Type: Temporary File Path: C:\Users\<username>\AppData\Roaming\27C8.tmp Group: Malware file Last Updated: August 27, 2022
5.	172A.tmp	c4580e02273f478c145a970755b1f7ea	7
Name: 172A.tmp MD5: c4580e02273f478c145a970755b1f7ea Size: 46.08 KB (46080 bytes) Detections: 7 Type: Temporary File Path: C:\Users\<username>\AppData\Roaming\172A.tmp Group: Malware file Last Updated: August 27, 2022
6.	ywdrive32.exe	742151ad4c217f3d5640d31eb8f14a6a	7
Name: ywdrive32.exe MD5: 742151ad4c217f3d5640d31eb8f14a6a Size: 100.35 KB (100352 bytes) Detections: 7 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: January 21, 2013
7.	safari.exe	0d2ece7d0dd44f322e0bca831fb89cf8	7
Name: safari.exe MD5: 0d2ece7d0dd44f322e0bca831fb89cf8 Size: 320 KB (320000 bytes) Detections: 7 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: April 2, 2013
8.	jodrive32.exe	4776d2f0539eb60d3cffc612922805dd	6
Name: jodrive32.exe MD5: 4776d2f0539eb60d3cffc612922805dd Size: 81.92 KB (81920 bytes) Detections: 6 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: July 15, 2022
9.	aadrive32.exe	81e73daae9744e72a9d8182f98240b20	6
Name: aadrive32.exe MD5: 81e73daae9744e72a9d8182f98240b20 Size: 47.1 KB (47104 bytes) Detections: 6 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: February 1, 2012
10.	sysstem.exe	e7ea16f17e1573cfc4ff8cafb4c2f737	5
Name: sysstem.exe MD5: e7ea16f17e1573cfc4ff8cafb4c2f737 Size: 593.92 KB (593920 bytes) Detections: 5 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: December 25, 2020
11.	148F.tmp	d7f61d61d08c277373480eb6a769c224	5
Name: 148F.tmp MD5: d7f61d61d08c277373480eb6a769c224 Size: 46.59 KB (46592 bytes) Detections: 5 Type: Temporary File Path: C:\Users\<username>\AppData\Roaming\148F.tmp Group: Malware file Last Updated: August 27, 2022
12.	Peqvjfjrwtkrhjhx.exe	ed27ae6ea4fb3dfbaa9781cd475996f6	5
Name: Peqvjfjrwtkrhjhx.exe MD5: ed27ae6ea4fb3dfbaa9781cd475996f6 Size: 75.77 KB (75776 bytes) Detections: 5 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Peqvjfjrwtkrhjhx.exe Group: Malware file Last Updated: February 18, 2026
13.	tasksvc.exe	b4f7542d4f78dae931d1fa8daecd625e	4
Name: tasksvc.exe MD5: b4f7542d4f78dae931d1fa8daecd625e Size: 144.91 KB (144913 bytes) Detections: 4 Type: Executable File Path: %WINDIR%\system32 Group: Malware file Last Updated: October 28, 2011
14.	EB7B.tmp	6a69265924ae440b0cea5a54fc0762ce	4
Name: EB7B.tmp MD5: 6a69265924ae440b0cea5a54fc0762ce Size: 53.76 KB (53760 bytes) Detections: 4 Type: Temporary File Path: C:\Users\<username>\AppData\Roaming\EB7B.tmp Group: Malware file Last Updated: August 27, 2022
15.	dn.exe	065e216faf5c28e0bd74798de118d2d1	3
Name: dn.exe MD5: 065e216faf5c28e0bd74798de118d2d1 Size: 294.91 KB (294912 bytes) Detections: 3 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: October 27, 2011
16.	14E7.tmp	9ba537179d59da0902795a338645475d	3
Name: 14E7.tmp MD5: 9ba537179d59da0902795a338645475d Size: 45.56 KB (45568 bytes) Detections: 3 Type: Temporary File Path: C:\Users\<username>\AppData\Roaming\14E7.tmp Group: Malware file Last Updated: August 27, 2022
17.	mdm.exe	001ffd3acd701db4337cb7c2ed4ab2a6	3
Name: mdm.exe MD5: 001ffd3acd701db4337cb7c2ed4ab2a6 Size: 160.33 KB (160333 bytes) Detections: 3 Type: Executable File Path: %PUBLIC% Group: Malware file Last Updated: February 20, 2012
18.	yadrive32.exe	37b261855da8001beafb6836ee3fb0ab	3
Name: yadrive32.exe MD5: 37b261855da8001beafb6836ee3fb0ab Size: 48.64 KB (48640 bytes) Detections: 3 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: August 8, 2012
19.	ggdrive32.exe	9544d28fbe749bd1c6d7d9817dcfac3e	2
Name: ggdrive32.exe MD5: 9544d28fbe749bd1c6d7d9817dcfac3e Size: 66.44 KB (66440 bytes) Detections: 2 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: March 18, 2011
20.	410C.tmp	95013fe093be274011ba42f9114b1871	2
Name: 410C.tmp MD5: 95013fe093be274011ba42f9114b1871 Size: 48.12 KB (48128 bytes) Detections: 2 Type: Temporary File Path: C:\Users\<username>\AppData\Roaming\410C.tmp Group: Malware file Last Updated: August 27, 2022
21.	6695.tmp	e8c4a5ee7c7ecdabd9cee6b10a1c3c42	2
Name: 6695.tmp MD5: e8c4a5ee7c7ecdabd9cee6b10a1c3c42 Size: 45.56 KB (45568 bytes) Detections: 2 Type: Temporary File Path: C:\Users\<username>\AppData\Roaming\6695.tmp Group: Malware file Last Updated: August 27, 2022
22.	31.exe	559d0888b767ef3a24c4478869a6d85c	2
Name: 31.exe MD5: 559d0888b767ef3a24c4478869a6d85c Size: 46.59 KB (46592 bytes) Detections: 2 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: January 11, 2012
23.	10.exe	d1cc03c551644845e2904974b17b6b02	1
Name: 10.exe MD5: d1cc03c551644845e2904974b17b6b02 Size: 200.7 KB (200704 bytes) Detections: 1 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: November 11, 2011
24.	3816.exe	8bda080da1256c2fa345e1927f091e4f	1
Name: 3816.exe MD5: 8bda080da1256c2fa345e1927f091e4f Size: 163.97 KB (163976 bytes) Detections: 1 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: August 2, 2012
25.	6.exe	6004bf5a76eb22d40e92a8f278543213	1
Name: 6.exe MD5: 6004bf5a76eb22d40e92a8f278543213 Size: 55.8 KB (55808 bytes) Detections: 1 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: April 17, 2013
26.	4D.exe	0b22ed62c0b8e0d34e4e21006c662a76	1
Name: 4D.exe MD5: 0b22ed62c0b8e0d34e4e21006c662a76 Size: 90.11 KB (90112 bytes) Detections: 1 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: November 15, 2012

More files

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Pushbot

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Pushbot

File System Details

Submit Comment

Related Posts

Worm.Pushbot.VJ

Worm.Pushbot.UM

Worm.Pushbot.KY

Worm.Pushbot.ED

Worm.Pushbot.UI

Worm.Pushbot.SZ

Trending

SelectionDaily

Maps-N-Directions

Search.searchfaa.com

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen