Backdoor.Win32.Zegost
Backdoor.Win32.Zegost is a backdoor Trojan that can run in the background of a system without a user's knowledge. Backdoor.Win32.Zegost is used by remote attackers to gain access to a targeted computer and the private information stored on it. Backdoor.Win32.Zegost will open a backdoor into a system and allow additional malware onto a system. Avoid Backdoor.Win32.Zegost by securing your computer with good security software.
File System Details
Backdoor.Win32.Zegost may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %AppData%\ACD Systems\ACDSee\Imagevx.ddf%SESSIONNAME% | |
| 2. | %AppData%\ACD Systems\ACDSee | |
| 3. | %AppData%\ACD Systems |
Registry Details
Backdoor.Win32.Zegost may create the following registry entry or registry entries:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HIDSERV\0000\Control]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_HIDSERV\0000\Control]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HIDSERV\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_HIDSERV\0000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Comhidserv70\Parameters]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HIDSERV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_HIDSERV]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Comhidserv70]
