Backdoor.win32.ZAccess.de

By SpideyMan in Backdoors

Backdoor.win32.ZAccess.de is a backdoor Trojan that propagates through software exploits or existing network vulnerability. Once installed on the affected computer system, Backdoor.win32.ZAccess.de creates an entry to enable remote attackers get access to your computer, take control over your screen, steal personal information and download and execute malicious files without your knowledge. Backdoor.win32.ZAccess.de is created to damage your computer system by deleting important system files and disabling anti-virus programs. Backdoor.win32.ZAccess.de can also redirect you to malicious websites. to delete It is strongly advised to eliminate Backdoor.win32.ZAccess.de immediately upon detection.

Table of Contents

SpyHunter Detects & Remove Backdoor.win32.ZAccess.de

File System Details

Backdoor.win32.ZAccess.de may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	c:\program files\mozilla firefox\mozalloc.dll
Name: c:\program files\mozilla firefox\mozalloc.dll Type: Dynamic link library Group: Malware file
2.	c:\program files\mozilla firefox\libGLESv2.dll
Name: c:\program files\mozilla firefox\libGLESv2.dll Type: Dynamic link library Group: Malware file
3.	c:\program files\mozilla firefox\mozjs.dll
Name: c:\program files\mozilla firefox\mozjs.dll Type: Dynamic link library Group: Malware file
4.	c:\program files\mozilla firefox\mozsqlite3.dll
Name: c:\program files\mozilla firefox\mozsqlite3.dll Type: Dynamic link library Group: Malware file
5.	c:\program files\mozilla firefox\d3dx9_43.dll
Name: c:\program files\mozilla firefox\d3dx9_43.dll Type: Dynamic link library Group: Malware file
6.	c:\program files\mozilla firefox\libEGL.dll
Name: c:\program files\mozilla firefox\libEGL.dll Type: Dynamic link library Group: Malware file
7.	c:\program files\mozilla firefox\D3DCompiler_43.dll
Name: c:\program files\mozilla firefox\D3DCompiler_43.dll Type: Dynamic link library Group: Malware file
8.	C:\Documents and Settings\\local settings\application data\uTorrent
Name: C:\Documents and Settings\<username>\local settings\application data\uTorrent Group: Malware file
9.	C:\Documents and Settings\\local settings\application data\uTorrentBar
Name: C:\Documents and Settings\<username>\local settings\application data\uTorrentBar Group: Malware file
10.	C:\Documents and Settings\\local settings\application data\Temp
Name: C:\Documents and Settings\<username>\local settings\application data\Temp Group: Malware file
11.	c:\program files\uTorrentBar
Name: c:\program files\uTorrentBar Group: Malware file
12.	C:\Documents and Settings\\local settings\application data\ConduitEngine
Name: C:\Documents and Settings\<username>\local settings\application data\ConduitEngine Group: Malware file
13.	c:\program files\ConduitEngine
Name: c:\program files\ConduitEngine Group: Malware file
14.	C:\Documents and Settings\\local settings\application data\Conduit
Name: C:\Documents and Settings\<username>\local settings\application data\Conduit Group: Malware file
15.	c:\program files\Conduit
Name: c:\program files\Conduit Group: Malware file
16.	c:\windows\system32\ConduitEngine.tmp
Name: c:\windows\system32\ConduitEngine.tmp Type: Temporary File Group: Malware file
17.	file.dll	f194c3614e08235f73c5e72691d7a751	0
Name: file.dll MD5: f194c3614e08235f73c5e72691d7a751 Size: 31.93 KB (31936 bytes) Detections: 0 Type: Dynamic link library Group: Malware file Last Updated: October 11, 2011

Registry Details

Backdoor.win32.ZAccess.de may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ED7E6D4E-DE3A-4662-A7CA-44ECA5C55ED5}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16FC10F7-1272-4A21-96B2-F746B9ADFF8D}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\flashobj.shdocls

settings = 51 00 00 00 00 00 00 00 00 00 00 00 6D 79 70 61 73 73 00 00

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ED7E6D4E-DE3A-4662-A7CA-44ECA5C55ED5}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16FC10F7-1272-4A21-96B2-F746B9ADFF8D}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2B56ADBB-327F-4905-A410-DDD81CE22BFC}\1.0\HELPDIR

HKEY_CURRENT_USER\Software\BIFROST1.2

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16FC10F7-1272-4A21-96B2-F746B9ADFF8D}\Implemented Categories

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16FC10F7-1272-4A21-96B2-F746B9ADFF8D}\VERSION

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16FC10F7-1272-4A21-96B2-F746B9ADFF8D}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2B56ADBB-327F-4905-A410-DDD81CE22BFC}\1.0\FLAGS

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\flashobj.shdocls\Clsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16FC10F7-1272-4A21-96B2-F746B9ADFF8D}

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Backdoor.win32.ZAccess.de

SpyHunter Detects & Remove Backdoor.win32.ZAccess.de

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen