Generic BackDoor!csb

By ZulaZuza in Backdoors

Generic BackDoor!csb is a dangerous backdoor Trojan that poses as a legitimate program but in fact performs malicious actions. A hacker may install it to gain access to your computer from remote locations and to steal passwords, Internet banking details and personal information. If your computer is infected with Generic BackDoor!csb, PC performance is abnormal and your web browser is blocked. Generic BackDoor!csb spreads through email attachments and program downloads; therefore, do not use programs from unidentified sources. It imitates login web pages to trick users into giving up their data, and it exploits Internet security holes to spread. Generic BackDoor!csb is a security danger and should be removed from your PC immediately.

File System Details

Generic BackDoor!csb may create the following file(s):
# File Name Detections
1. %Userprofile%\Cookies\[User Name]@server[1].txt [Data file]
2. %Temp%\XxX.xXx [Data file]
3. %AppData%\SQLite3.dll [Data file]
4. %Temp%\UuU.uUu [Data file]
5. %AppData%\Microsoft\Crypto\RSA\S-1- [Varies]\f9992b1ed3cdc054077ba50d8115ad69_e8d86675-b8d2-4ee6-876c-55cb6f7c0018 [Data file]
6. %Temp%\29514437.tmp [Data file]
7. %Userprofile%\Local Settings\Temporary Internet Files\Content.IE5\JRPRBYW8\sqlite3[1].dll [Data file]

Registry Details

Generic BackDoor!csb may create the following registry entry or registry entries:
StubPath = "%WinDir%\system32\install\server.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\]
[HKEY_USERS\S-1-[Varies]\Software\Microsoft\Windows\CurrentVersion\Run\]
HKEY_USERS\S-1-[Varies]\Software\vima
Policies = "%WinDir%\system32\install\server.exe"
[HKEY_USERS\S-1-[Varies]\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3846A813-G1PX-GP34-W10Y-73675R5K48GI}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\]
HKLM = "%WinDir%\system32\install\server.exe"
HKCU = "%WinDir%\system32\install\server.exe"
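
A read-only check for the registry entries listed above, as an added example that is not part of the original write-up. It assumes PowerShell on the affected Windows host, and it goes slightly beyond the listing by scanning every Active Setup component and every loaded user hive rather than a single GUID or SID.

```powershell
# Added example (read-only): report autorun values that point at the
# server.exe path listed on this page. Nothing is modified or deleted.
$indicator = '\system32\install\server.exe'   # path tail taken from the page

# Machine-wide autorun keys named on the page.
$keys = @(
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run'
)

# Active Setup: check the StubPath of every component, not only the listed GUID.
$activeSetup = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components'
if (Test-Path -LiteralPath $activeSetup) {
    $keys += @(Get-ChildItem -LiteralPath $activeSetup -ErrorAction SilentlyContinue |
        ForEach-Object { "Registry::$($_.Name)" })
}

# Per-user keys: the page lists them under HKEY_USERS\S-1-[Varies],
# so walk every hive that is currently loaded.
$userHives = @(Get-ChildItem -LiteralPath 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue)
foreach ($hive in $userHives) {
    $root = "Registry::$($hive.Name)"
    $keys += "$root\Software\Microsoft\Windows\CurrentVersion\Run"
    $keys += "$root\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run"
    # The page also lists a bare key, Software\vima, in the user hive.
    if (Test-Path -LiteralPath "$root\Software\vima") {
        [pscustomobject]@{ Key = "$($hive.Name)\Software\vima"; Value = '(key exists)'; Data = '' }
    }
}

# Emit one object per value whose data contains the indicator path.
foreach ($path in $keys) {
    $key = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
    if (-not $key) { continue }               # key absent or access denied
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        if ($data -like "*$indicator*") {     # -like is case-insensitive
            [pscustomobject]@{ Key = $key.Name; Value = $name; Data = $data }
        }
    }
}
```

Run it from an elevated prompt so other users' hives can be read; hives of users who are not logged on are not loaded under HKEY_USERS and are therefore not covered.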

1 Comment

Remove Generic Backdoor!csb Reply

Thank you so much, you’ve saved me a whole lot of trouble. Very easily explained and it’s totally gone from my computer.
