
Backdoor.Win32.DsBot.bvp

By JubileeX in Backdoors

The Backdoor.Win32.DsBot.bvp Trojan is a dangerous malware infection that creates a backdoor into the infected computer system. Computer security researchers use the term "backdoor" to refer to an unauthorized opening in a computer's security. A hacker can use this backdoor to bypass the computer's normal security applications and install additional malware on the infected computer. The effects of this additional malware can vary in severity but will almost certainly not be beneficial to the infected computer or its owner. The ESG team of PC security researchers advises restarting Windows in Safe Mode and eliminating the Backdoor.Win32.DsBot.bvp Trojan with an advanced, fully updated anti-malware program.

How the Backdoor.Win32.DsBot.bvp Trojan Hides from Detection

The Backdoor.Win32.DsBot.bvp Trojan will usually make changes to the Windows Registry. These changes allow the Trojan to protect itself by forcing the infected computer to run it at start-up, disabling common security applications and even blocking access to the Internet. As part of its installation process, the Backdoor.Win32.DsBot.bvp Trojan will also create a number of unwanted files on the infected computer. One of its defining characteristics is that it creates files and directories with the name "Conference Freezer."

How Hackers Take Advantage of Backdoor.Win32.DsBot.bvp

As mentioned before, the severity of the effects of the Backdoor.Win32.DsBot.bvp Trojan varies depending on what other malware is installed through the backdoor. The Backdoor.Win32.DsBot.bvp Trojan in itself produces almost no symptoms, although in some cases the infected computer system may crash frequently or become noticeably slower. However, backdoor Trojans like Backdoor.Win32.DsBot.bvp are associated with some of the most severe malware infections. According to the ESG team of malware analysts, hackers can install several different kinds of malware through the Backdoor.Win32.DsBot.bvp Trojan backdoor:

  1. A hacker may take advantage of the Backdoor.Win32.DsBot.bvp Trojan to install a RAT (Remote Access Tool) onto the infected computer. A RAT allows a hacker to take complete control of the infected computer. Once a hacker has gained control of an infected computer, that computer can be used to perform criminal acts, such as sending out spam email or performing Distributed Denial of Service attacks.
  2. The backdoor established by the Backdoor.Win32.DsBot.bvp Trojan may be used to install spyware or adware onto your computer. These kinds of malware infections spy on your online activity and may also spam you with advertisements.
  3. A hacker may use Backdoor.Win32.DsBot.bvp to spy directly on your computer activity. By installing a keylogger, criminals can steal your financial data, credit card numbers, and online passwords.

File System Details

Backdoor.Win32.DsBot.bvp may create the following file(s):
# File Name Detections
1. %ProgramFiles%\Conference Freezer 1.8\Confreezer 1.8.exe
2. %ProgramFiles%\Conference Freezer 1.8\trueSpeech.ocx
3. %ProgramFiles%\Conference Freezer 1.8\yacscom.dll
4. %ProgramFiles%\Conference Freezer 1.8\MSINET.OCX
5. %ProgramFiles%\Conference Freezer 1.8\unins000.exe
6. %ProgramFiles%\Conference Freezer 1.8\MSCOMCTL.OCX
7. %CommonPrograms%\Conference Freezer 1.8\Conference Freezer 1.8 on the Web.url
8. %ProgramFiles%\Conference Freezer 1.8\unins000.dat
9. %CommonPrograms%\Conference Freezer 1.8\Uninstall Conference Freezer 1.8.lnk
10. %ProgramFiles%\Conference Freezer 1.8\Packet freez.ttt
11. %CommonPrograms%\Conference Freezer 1.8\Conference Freezer 1.8.lnk
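
As an added example (not part of the original write-up or of any vendor tool), the following Python matches the file paths listed above against a fleet file inventory. The tab-separated `host<TAB>path` input format, the sample lines and the way the two placeholders are expanded are assumptions.

```python
import re

# Names taken from the page's file list; %ProgramFiles% and %CommonPrograms%
# there are placeholders, not literal directory names.
APP_DIR = "Conference Freezer 1.8"
IN_PROGRAM_FILES = ["Confreezer 1.8.exe", "trueSpeech.ocx", "yacscom.dll",
                    "MSINET.OCX", "unins000.exe", "MSCOMCTL.OCX",
                    "unins000.dat", "Packet freez.ttt"]
IN_COMMON_PROGRAMS = ["Conference Freezer 1.8 on the Web.url",
                      "Uninstall Conference Freezer 1.8.lnk",
                      "Conference Freezer 1.8.lnk"]

def _pattern(root_regex, names):
    # Anchor on the full directory: MSINET.OCX and MSCOMCTL.OCX are ordinary
    # Microsoft controls, so a bare file-name match would flag clean hosts.
    alt = "|".join(re.escape(n) for n in names)
    return re.compile(rf"^{root_regex}\\{re.escape(APP_DIR)}\\(?:{alt})$",
                      re.IGNORECASE)

PATTERNS = [
    # Assumption: %ProgramFiles% may resolve to either Program Files folder.
    _pattern(r"[a-z]:\\program files(?: \(x86\))?", IN_PROGRAM_FILES),
    # Assumption: %CommonPrograms% is an all-users "Start Menu\Programs" folder.
    _pattern(r"[a-z]:\\.+\\start menu\\programs", IN_COMMON_PROGRAMS),
]

def sweep(inventory_lines):
    """Map host -> sorted matching paths, given 'host<TAB>path' lines."""
    hits = {}
    for line in inventory_lines:
        host, _, path = line.rstrip("\r\n").partition("\t")
        path = path.strip().strip('"')
        if any(p.match(path) for p in PATTERNS):
            hits.setdefault(host, set()).add(path)
    return {host: sorted(paths) for host, paths in hits.items()}

# Constructed inventory lines (not real telemetry).
SAMPLE = [
    "ws-014\tC:\\Program Files (x86)\\Conference Freezer 1.8\\yacscom.dll",
    "ws-014\tC:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs"
    "\\Conference Freezer 1.8\\Conference Freezer 1.8.lnk",
    "ws-022\tC:\\Windows\\SysWOW64\\MSCOMCTL.OCX",  # clean system copy
    "ws-022\tc:\\program files\\conference freezer 1.8\\PACKET FREEZ.TTT",
]

if __name__ == "__main__":
    for host, paths in sweep(SAMPLE).items():
        print(host, *paths, sep="\n  ")
```

A hit identifies a host that has the "Conference Freezer 1.8" install tree; it is a lead for triage, not proof of an active backdoor.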

Registry Details

Backdoor.Win32.DsBot.bvp may create the following registry entry or registry entries:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conference Freezer 1.8_is1]
Inno Setup: App Path = "%ProgramFiles%\Conference Freezer 1.8"
Inno Setup: User = "%UserName%"
DisplayName = "Conference Freezer 1.8"
Publisher = "TT-SOFT, Inc."
URLUpdateInfo = "https://tt-softs.com/php"
InstallDate = "20110817"
Inno Setup: Setup Version = "5.2.2"
Inno Setup: Icon Group = "Conference Freezer 1.8"
Inno Setup: Deselected Tasks = "desktopicon,quicklaunchicon"
QuietUninstallString = ""%ProgramFiles%\Conference Freezer 1.8\unins000.exe" /SILENT"
HelpLink = "https://tt-softs.com/php"
NoRepair = 0x00000001
InstallLocation = "%ProgramFiles%\Conference Freezer 1.8\"
Inno Setup: Selected Tasks = ""
UninstallString = ""%ProgramFiles%\Conference Freezer 1.8\unins000.exe""
URLInfoAbout = "https://tt-softs.com/php"
NoModify = 0x00000001
