Backdoor:Win32/Losfondup.B Description
Type: Backdoors
Backdoor:Win32/Losfondup.B is a backdoor Trojan that enables cybercriminals to obtain full remote access to and control over a compromised PC, makes changes to system settings and user accounts, and embeds itself into running processes. During installation, Backdoor:Win32/Losfondup.B makes system changes by downloading malicious files and modifying the Windows Registry. Backdoor:Win32/Losfondup.B creates a user account called 'Local Servlce', purposefully misspelling 'Service' as 'Servlce', possibly to dupe users of the attacked PC into thinking it is a genuine Windows user account. Backdoor:Win32/Losfondup.B may be installed and launched by other malware infections.

Backdoor:Win32/Losfondup.B registers itself as a genuine component of the Windows system service 'SENS' (System Event Notification Service) by altering the registry entry. It also modifies registry entries to make sure that its altered version of the 'SENS' service is started every time Windows starts. When the SENS service is launched, Backdoor:Win32/Losfondup.B runs instead of the original, legitimate one. To conceal its presence, Backdoor:Win32/Losfondup.B also performs the normal functions of the legitimate SENS service. To make sure that the altered version of the 'SENS' service, and therefore Backdoor:Win32/Losfondup.B itself, is running instead of the genuine one, Backdoor:Win32/Losfondup.B stops 'svchost.exe' and runs commands that start the altered 'SENS' service.
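As a detection aid for the look-alike account name described above, this added example (not part of the original write-up) flags account names that imitate built-in Windows names by folding visually confusable characters and checking edit distance. It generalizes beyond 'Local Servlce'; the reference name list and the sample account listing are assumptions constructed for illustration.

```python
# Added example: flag account names that imitate built-in Windows names.
# KNOWN_NAMES is an assumed reference list; SAMPLE_ACCOUNTS is constructed input.
KNOWN_NAMES = ["Local Service", "Network Service", "SYSTEM", "Administrator", "Guest"]
SAMPLE_ACCOUNTS = ["Administrator", "Guest", "alice", "Local Servlce", "Adminstrator"]

# Characters commonly swapped so a name looks right at a glance.
CONFUSABLES = str.maketrans({"l": "i", "1": "i", "|": "i", "0": "o", "5": "s"})


def skeleton(name):
    """Lower-case, fold look-alike characters, keep only letters and digits."""
    folded = name.lower().translate(CONFUSABLES)
    return "".join(ch for ch in folded if ch.isalnum())


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def find_lookalikes(accounts, known=KNOWN_NAMES, max_distance=1):
    """Return (account, imitated_name, reason) for names that mimic a known one."""
    findings = []
    for account in accounts:
        for ref in known:
            if account.lower() == ref.lower():
                break  # the exact built-in name is not a look-alike
            if skeleton(account) == skeleton(ref):
                findings.append((account, ref, "confusable characters"))
                break
            if edit_distance(account.lower(), ref.lower()) <= max_distance:
                findings.append((account, ref, "edit distance"))
                break
    return findings


if __name__ == "__main__":
    for account, ref, reason in find_lookalikes(SAMPLE_ACCOUNTS):
        print(f"suspicious account {account!r} imitates {ref!r} ({reason})")
```

Feed it the account names exported from the hosts under review; a hit is a lead for triage, since benign names one character away from a reference name are flagged too.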
File System Details
| # | File Name | MD5 | Detection Count |
|---|-----------|-----|-----------------|
| 2 | [startup folder]\widoexe.js | N/A | |
| 5 | %ALLUSERSPROFILE%\Documents\[reverse malware file name].dat | N/A | |