Troj/Bifrose-AK is a backdoor Trojan which allows a remote intruder to gain access and control over the computer.
When first run Troj/Bifrose-AK copies itself to <Windows system folder>\Cell.exe and creates the file <Windows system folder>\plugin1.dat.
The following registry entries are created to run Cell.exe on startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
CEventMgr
<Windows system folder>\Cell.exe
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}
stubpath
<Windows system folder>\Cell.exe s
Registry entries are created under:
HKCU\Software\Wget\