Backdoor.Cimuz

Backdoor.Cimuz Description

Backdoor.Cimuz is a dangerous backdoor Trojan that can install itself on your computer system without your consent and then download and execute various files without your knowledge. Backdoor.Cimuz changes registry entries to enter the targeted computer system. It shows a pop-up error; when the user clicks on the error, the user is redirected to download a malicious application, or the application is executed by Backdoor.Cimuz. Backdoor.Cimuz hides itself deep in the system so that it can protect its files even when a System Restore is performed. Backdoor.Cimuz opens a backdoor on the affected computer that gives remote attackers access to control your machine, download more threats, or steal personal information. Removing Backdoor.Cimuz from the affected machine immediately upon detection is strongly recommended.

Technical Information

File System Details

Backdoor.Cimuz creates the following file(s):
#  File Name                                        Detection Count
1  %System%\msafd[TWO RANDOM NUMBERS].dll           N/A
2  %System%\[RANDOM ALPHANUMERIC CHARACTERS].tbl    N/A
3  %Temp%\~[RANDOM ALPHANUMERIC CHARACTERS].tmp     N/A
4  %System%\c_20870.nls                             N/A

Registry Details

Backdoor.Cimuz creates the following registry entry or registry entries:
Registry Key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\mswsock32\"PathName" = "C:\WINDOWS\system32\msafd[TWO RANDOM NUMBERS].dll"
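
A triage sketch for the file and registry indicators listed above, as an added example that is not part of the original entry: it checks a collected file listing and registry values against the names in the two tables. Reading "[TWO RANDOM NUMBERS]" as two decimal digits, mapping %System% and %Temp% to directories named system32 and Temp, the strong/weak split, and all sample data are assumptions of this example.

```python
import re

# Strong: the numbered msafd DLL, which the registry PathName entry also points to.
STRONG = {"msafd_dll": re.compile(r"\\system32\\msafd\d{2}\.dll$", re.I)}
# Weak: name-only matches, treated as corroborating evidence (example's assumption).
WEAK = {
    "tbl_file": re.compile(r"\\system32\\[a-z0-9]+\.tbl$", re.I),
    "tmp_file": re.compile(r"\\temp\\~[a-z0-9]+\.tmp$", re.I),
    "nls_file": re.compile(r"\\system32\\c_20870\.nls$", re.I),
}
REG_KEY = re.compile(
    r"^(HKEY_LOCAL_MACHINE|HKLM)\\SYSTEM\\CurrentControlSet"
    r"\\Services\\WinSock2\\mswsock32$", re.I)

def match_files(paths):
    """Return {'strong': [(indicator, path)], 'weak': [...]} for a file listing."""
    hits = {"strong": [], "weak": []}
    for raw in paths:
        path = raw.strip().strip('"').replace("/", "\\")
        for level, table in (("strong", STRONG), ("weak", WEAK)):
            hits[level] += [(n, path) for n, rx in table.items() if rx.search(path)]
    return hits

def match_registry(values):
    """values: (key, value_name, data) tuples, e.g. parsed from a registry export."""
    return [(key, data) for key, name, data in values
            if REG_KEY.match(key.rstrip("\\")) and name.lower() == "pathname"
            and STRONG["msafd_dll"].search(data.strip('"'))]

def triage(paths, reg_values):
    """'match' on any strong file or registry hit, 'weak' on weak hits only."""
    files = match_files(paths)
    if files["strong"] or match_registry(reg_values):
        return "match"
    return "weak" if files["weak"] else "none"

# Constructed sample input (not taken from a real host).
SAMPLE_PATHS = [
    r"C:\WINDOWS\system32\msafd.dll",    # no two-digit suffix: must not match
    r"C:\WINDOWS\system32\msafd47.dll",
    r"C:\WINDOWS\system32\c_20870.nls",
    r"C:\Documents and Settings\user\Local Settings\Temp\~a1b2c3.tmp",
]
SAMPLE_REG = [(r"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\mswsock32",
               "PathName", r"C:\WINDOWS\system32\msafd47.dll")]

if __name__ == "__main__":
    print(triage(SAMPLE_PATHS, SAMPLE_REG), match_files(SAMPLE_PATHS))
```

A "weak" result on its own is not a finding, since names such as `~xxxx.tmp` are also produced by ordinary software; it is worth following up only alongside a strong file or registry hit.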