Backdoor.Win32.Rbot.akee
Backdoor.Win32.Rbot.akee is a Windows platform backdoor Trojan. Backdoor.Win32.Rbot.akee is designed to give remote attackers control over a compromised PC. Backdoor.Win32.Rbot.akee makes it possible for attackers to send or receive, create or delete and launch files. Backdoor.Win32.Rbot.akee is often used to unite a group of compromised computers and form a malicious botnet that can be used for Denial of Service attacks.
File System Details
Backdoor.Win32.Rbot.akee may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %ProgramFiles%\Kernel for Outlook Duplicates\unins000.exe | |
| 2. | %ProgramFiles%\Kernel for Outlook Duplicates\{80000000-DCC6-49b5-9C61-DE91132C3221}.dll | |
| 3. | %ProgramFiles%\Kernel for Outlook Duplicates\Kernel for Outlook Duplicates.exe | |
| 4. | %System%\Redemption.dll | |
| 5. | %ProgramFiles%\Kernel for Outlook Duplicates\NucleusAddin.dll | |
| 6. | %ProgramFiles%\Kernel for Outlook Duplicates\Kernel for Outlook Duplicates.chm | |
| 7. | %CommonPrograms%\Kernel for Outlook Duplicates\Kernel for Outlook Duplicates Help.lnk | |
| 8. | %ProgramFiles%\Kernel for Outlook Duplicates\license.txt | |
| 9. | %CommonPrograms%\Kernel for Outlook Duplicates\Kernel for Outlook Duplicates.lnk | |
| 10. | %ProgramFiles%\Kernel for Outlook Duplicates\unins000.dat | |
| 11. | %CommonPrograms%\Kernel for Outlook Duplicates\Uninstall Kernel for Outlook Duplicates .lnk |
Registry Details
Backdoor.Win32.Rbot.akee may create the following registry entry or registry entries:
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C4C5F4-1893-444C-B8D8-002F0034DA92}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C4C5F4-1893-444C-B8D8-002F0034DA92}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11E2BC0C-5D4F-4E0C-B438-501FFE05A382}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C4C5F4-1893-444C-B8D8-002F0034DA92}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11E2BC0C-5D4F-4E0C-B438-501FFE05A382}\ProgID]
