Backdoor.ExtenBro.AK

Backdoor.ExtenBro.AK Description

The security alerts connected to Backdoor.ExtenBro.AK are not something you should overlook. These alerts notify users of a Backdoor Trojan on their systems that third parties may use to modify their data, programs and network connections. The ExtenBro.AK Backdoor Trojan may be delivered to users via corrupted attachments to spam emails that may be related to updates from PayPal and Facebook. The corrupted files that carry the Backdoor.ExtenBro.AK malware may appear as PowerPoint presentations, Microsoft Word documents and Excel worksheets. Additionally, there are several cases where the Backdoor.ExtenBro.AK malware may be promoted as a video player on untrusted software deployment platforms and forums dedicated to freeware. Backdoor.ExtenBro.AK is a member of the ExtenBro family of Backdoor Trojans and may open ports on your system to listen for instructions from its handlers and to send data such as your software and hardware configuration, IP address, a list of files in the home folder, and your username and account password.

The handlers of the ExtenBro.AK Backdoor Trojan may use it to establish an FTP connection to your PC, collect data, and delete programs and folders. The ExtenBro Trojan is packed to function as a portable program and may be registered as a startup service in the MSCONFIG utility to ensure its functionality. The activity of the Backdoor.ExtenBro.AK malware may require a large portion of your system resources: your machine may run slower, and you may notice program windows being closed automatically. The Backdoor.ExtenBro.AK cyber threat is similar to Protos and Mokes. It may allow third parties to make modifications to your account settings, and you may be locked out of your PC. Consider installing a reputable anti-malware suite to boost your cyber defenses and prevent Backdoor.ExtenBro.AK from landing on your hard drive.

Technical Information

File System Details

Backdoor.ExtenBro.AK creates the following file(s):
| # | File Name | Size | MD5 | Detection Count |
|---|-----------|------|-----|-----------------|
| 1 | %PROGRAMFILES%\Mozilla Firefox\firefox.exe | 36,864 | 8bfb86066953bd85434e7ad4e95f2787 | 2,491 |
| 2 | %LOCALAPPDATA%\Microsoft\Extensions\extsetup.exe | 375,865 | 299cd3fdd61674e1b2823e04169ea80a | 1,386 |
| 3 | %LOCALAPPDATA%\Microsoft\Extensions\safebrowser.exe | 192,481 | 02a593160d51aca41f03e9930196e3fc | 481 |
| 4 | %TEMP%new-super-ext.exe | 4,355,144 | fb7069c133374bbe2c29543d3f941723 | 131 |
| 5 | %LOCALAPPDATA%\extension\ChromeExtensionUpdater.exe | 1,754,624 | ab4f5828171a3ba7557c73cd042a040b | 54 |
| 6 | %SYSTEMDRIVE%\users\Вадим\appdata\roaming\adobe\nativeplugin\ooba\ppapi\bb4f4404-99cb-4808-810c-52f991fccbff\02397559-4503-4c18-b7bb-dfcfd68c9981.exe\02397559-4503-4c18-b7bb-dfcfd68c9981.exe | 125,257 | 4238633c577cad862eb0584412508633 | 11 |

Registry Details

Backdoor.ExtenBro.AK creates the following registry entry or registry entries:
Directory:
%LOCALAPPDATA%\betterworld\ExitNode

Regexp file mask:
%APPDATA%\command.dll
%APPDATA%\product.dll
%LOCALAPPDATA%\Microsoft\Extensions\extsetup.exe
%LOCALAPPDATA%\Microsoft\Extensions\safebrowser.exe
%LOCALAPPDATA%\Microsoft\Extensions\safebrowser[RANDOM CHARACTERS].bat
%USERPROFILE%\Local Settings\Application Data\Microsoft\Extensions\extsetup.exe
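
The following PowerShell sweep is an added example, not code from this page or its vendor; it checks the current user's profile for the file indicators listed above. The function name `Test-ExtenBroIndicators` is hypothetical, and treating a listed path without a hash match as a lead for review is an assumption of this example.

```powershell
# Added example: indicators copied from this page's Technical Information section.
# Row 4 (%TEMP%new-super-ext.exe) and row 6 (user-specific path) are left out
# because their paths cannot be expanded reliably on another machine.
$hashed = @(
    @{ Path = '%PROGRAMFILES%\Mozilla Firefox\firefox.exe'
       MD5  = '8bfb86066953bd85434e7ad4e95f2787'; SharedPath = $true },
    @{ Path = '%LOCALAPPDATA%\Microsoft\Extensions\extsetup.exe'
       MD5  = '299cd3fdd61674e1b2823e04169ea80a' },
    @{ Path = '%LOCALAPPDATA%\Microsoft\Extensions\safebrowser.exe'
       MD5  = '02a593160d51aca41f03e9930196e3fc' },
    @{ Path = '%LOCALAPPDATA%\extension\ChromeExtensionUpdater.exe'
       MD5  = 'ab4f5828171a3ba7557c73cd042a040b' }
)
# Entries the page lists without a hash; '*' stands in for [RANDOM CHARACTERS].
$pathOnly = @(
    '%LOCALAPPDATA%\betterworld\ExitNode',
    '%APPDATA%\command.dll',
    '%APPDATA%\product.dll',
    '%LOCALAPPDATA%\Microsoft\Extensions\safebrowser*.bat'
)

function Test-ExtenBroIndicators {
    foreach ($i in $hashed) {
        $path = [Environment]::ExpandEnvironmentVariables($i.Path)
        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) { continue }
        $md5   = (Get-FileHash -LiteralPath $path -Algorithm MD5).Hash.ToLower()
        $match = $md5 -eq $i.MD5
        # A legitimate Firefox install uses this same path, so only a hash match counts.
        if ($i.SharedPath -and -not $match) { continue }
        [pscustomobject]@{
            Path    = $path
            MD5     = $md5
            Finding = if ($match) { 'MD5 matches listed sample' } else { 'Listed path, different MD5' }
        }
    }
    foreach ($p in $pathOnly) {
        $expanded = [Environment]::ExpandEnvironmentVariables($p)
        # -Force includes hidden items; missing paths are skipped silently.
        Get-Item -Path $expanded -Force -ErrorAction SilentlyContinue | ForEach-Object {
            [pscustomobject]@{ Path = $_.FullName; MD5 = $null; Finding = 'Listed path present' }
        }
    }
}

Test-ExtenBroIndicators | Format-Table -AutoSize
```

The variables expand for the account running the script, so other user profiles on the same machine need a separate run.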
