Backdoor:Win32/Beastdoor.L

Backdoor:Win32/Beastdoor.L Description

Backdoor:Win32/Beastdoor.L is a backdoor Trojan that disguises itself as a legitimate program to trick users into downloading it. Once downloaded, Backdoor:Win32/Beastdoor.L will launch annoying advertisements in the form of pop-ups and pop-unders as well as cause frequent browser redirection to malicious or advertising websites. Backdoor:Win32/Beastdoor.L may also download other malware onto a compromised machine putting the system at greater risk.

Technical Information

File System Details

Backdoor:Win32/Beastdoor.L creates the following file(s):
# File Name Detection Count
1 %Windir%\svchost.exe N/A
2 %Windir%\msagent\mssnqi.com N/A
3 %System%\msntjq.com N/A

Registry Details

Backdoor:Win32/Beastdoor.L creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
StubPath = "%System%\msntjq.com"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{42CE4021-DE03-E3CC-EA32-40BB12E6015D}
COM Service = "%Windir%\msagent\mssnqi.com"