Backdoor.Finder

Backdoor.Finder Description

Backdoor.Finder is a backdoor Trojan that modifies search results in compromised web browsers such as Mozilla Firefox, Google Chrome, Internet Explorer, Safari, Opera, Maxthon, Avant and Netscape. Backdoor.Finder opens a back door on the compromised PC, giving cybercriminals full remote access to and control over the infected computer. Backdoor.Finder may download and install other malware on the targeted PC, and may connect to a command-and-control server to receive instructions from attackers. When installed, Backdoor.Finder creates malicious files and modifies the Windows Registry. Backdoor.Finder also inserts malicious code into legitimate system processes.

Technical Information

File System Details

Backdoor.Finder creates the following file(s):
#   File Name                                       Detection Count
1   <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini    N/A

Registry Details

Backdoor.Finder creates the following registry entry or registry entries:
Registry Key
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'effaacefaabeb' = '%APPDATA%\23ef5514-3059-436f-a4a7-4cefaab20eb179\effaacefaabeb.exe'
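
The registry entry above can be hunted for in collected `reg query` output. The Python below is an added example, not part of the original write-up; it assumes the text layout printed by `reg query <key> /s`, and every sample line other than the entry listed on this page is constructed.

```python
import re

# Key named on this page, hive spelled out as reg.exe prints it.
RUN_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run"

# Executable inside a hex-and-dash folder directly under the roaming profile.
# Deliberately looser than a strict 8-4-4-4-12 GUID: the folder listed on this
# page ends in a 14-character group, so a strict GUID pattern would miss it.
APPDATA_EXE = re.compile(
    r'(?:%APPDATA%|\\AppData\\Roaming)\\'
    r'(?P<dir>[0-9a-f]{8}(?:-[0-9a-f]{4,}){4})\\(?P<exe>[^\\"]+\.exe)',
    re.IGNORECASE,
)
# reg.exe prints values as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_LINE = re.compile(r"^ {4}(?P<name>.+?) {4}(?P<type>REG_\w+) {4}(?P<data>.*)$")

def parse_reg_query(text):
    """Yield (key, name, type, data) tuples from `reg query` text output."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_LINE.match(line)):
            yield key, m["name"], m["type"], m["data"]

def find_suspicious(text):
    """Return Policies\\Explorer\\Run values that launch an .exe from a
    hex-named folder under %APPDATA%, noting whether value name == exe name."""
    hits = []
    for key, name, _type, data in parse_reg_query(text):
        if key.lower() != RUN_KEY.lower():
            continue
        m = APPDATA_EXE.search(data)
        if m:
            same = m["exe"][:-4].lower() == name.lower()
            hits.append({"name": name, "dir": m["dir"], "data": data,
                         "name_matches_exe": same})
    return hits

# Constructed sample output; only the effaacefaabeb entry comes from this page.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    effaacefaabeb    REG_SZ    %APPDATA%\23ef5514-3059-436f-a4a7-4cefaab20eb179\effaacefaabeb.exe
    LabTool    REG_SZ    C:\Program Files\LabTool\labtool.exe
"""

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE):
        print(hit)
```

Matching on the key and path shape rather than the literal value name also catches entries where the random-looking name or folder differs from the one listed here.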