Backdoor.Flyoutburn
Backdoor.Flyoutburn is a backdoor Trojan that executes harmful activities on the corrupted PC. Once run, Backdoor.Flyoutburn creates a few folders and the malevolent files on the affected computer system. Backdoor.Flyoutburn creates the registry entry and registry subkeys. Backdoor.Flyoutburn may connect to port 9696 on the particular web addreass. Backdoor.Flyoutburn may also connect to port 61786 on the particular web addresses. Backdoor.Flyoutburn may strive to use local RAS services to open a VPN connection.
Table of Contents
File System Details
Backdoor.Flyoutburn may create the following file(s):
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %AllUsersProfile%\Application Data\Microsoft\Windows\Burn\[COMPUTER NAME].dll | |
2. | %AllUsersProfile%\Application Data\Microsoft\Windows\LiveUpdata_Mem\[RANDOM CHARACTERS].dll | |
3. | %AllUsersProfile%\Application Data\Microsoft\Windows\LiveUpdata_Mem\[RANDOM CHARACTERS]_One.dll | |
4. | %Temp%\DW20.dll |
Registry Details
Backdoor.Flyoutburn may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\XC
Windows\CurrentVersion\Policies\Explorer\Run "[COMPUTER NAME]" = "[%AllUsersProfile%\Application Data\Microsoft\Windows\Burn\[COMPUTER NAME].dll]"
HKEY_CURRENT_USER\Software\Microsoft\
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\A1
URLs
Backdoor.Flyoutburn may call the following URLs:
dtl.dnsd.me |
dtl.eatuo.com |
dtl6.mooo.com |
internet.3-a.net |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.