Trojan-Spy.Goldun.btz

By ZulaZuza in Backdoors

Trojan Spy.Win32.Goldun.btz is a terrible backdoor trojan that runs in the background and enables remote access to the corrupted computer system. Trojan-Spy.Goldun.btz can be installed under misleading falsehoods, invading the victim's PC without their consent or knowledge. Trojan-Spy.Goldun.btz makes effort to be a security tool, which goal is to obtain as much information as it can. Trojan Spy.Win32.Goldun.btz can change Windows Explorer settings to download other infected files from external servers. Trojan Spy.Win32.Goldun.btz is designed by hackers to gain an authorized access to your computer to monitor the PC without the victim's knowledge. Remove Trojan-Spy.Goldun.btz immediately once it is identified on your PC to keep your computer safe.

File System Details

Trojan-Spy.Goldun.btz may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	gbiehcef.dll
Name: gbiehcef.dll Type: Dynamic link library
2.	SISWin32[1].dll
Name: SISWin32[1].dll Type: Dynamic link library
3.	Wapp.exe
Name: Wapp.exe Type: Executable File
4.	gplan.exe
Name: gplan.exe Type: Executable File
5.	csrcs.exe
Name: csrcs.exe Type: Executable File
6.	unchsy.exe
Name: unchsy.exe Type: Executable File
7.	tjnw.exe
Name: tjnw.exe Type: Executable File
8.	smastsj.exe
Name: smastsj.exe Type: Executable File
9.	wmiprevse.exe
Name: wmiprevse.exe Type: Executable File
10.	win.exe
Name: win.exe Type: Executable File
11.	msn.exe
Name: msn.exe Type: Executable File
12.	services.exe
Name: services.exe Type: Executable File
13.	gmillogof.exe
Name: gmillogof.exe Type: Executable File
14.	watchdll.dll
Name: watchdll.dll Type: Dynamic link library
15.	zyndld32080926jt.dll
Name: zyndld32080926jt.dll Type: Dynamic link library
16.	userinit.exe
Name: userinit.exe Type: Executable File
17.	liel.exe
Name: liel.exe Type: Executable File
18.	Windows32.exe
Name: Windows32.exe Type: Executable File
19.	astrix.dll
Name: astrix.dll Type: Dynamic link library
20.	winlogon.exe
Name: winlogon.exe Type: Executable File
21.	regsvc32.exe
Name: regsvc32.exe Type: Executable File
22.	temp01.exe
Name: temp01.exe Type: Executable File
23.	winpflbp.exe
Name: winpflbp.exe Type: Executable File
24.	system.exe
Name: system.exe Type: Executable File
25.	ree2.exe
Name: ree2.exe Type: Executable File
26.	crdisk.exe
Name: crdisk.exe Type: Executable File
27.	crtdl.dll
Name: crtdl.dll Type: Dynamic link library
28.	installer.exe
Name: installer.exe Type: Executable File
29.	winhlpf.exe
Name: winhlpf.exe Type: Executable File
30.	jdt7643.exe
Name: jdt7643.exe Type: Executable File
31.	defrsmgr.dll
Name: defrsmgr.dll Type: Dynamic link library
32.	msiead32.dll
Name: msiead32.dll Type: Dynamic link library
33.	msnscps.dll
Name: msnscps.dll Type: Dynamic link library
34.	swapdm.dll
Name: swapdm.dll Type: Dynamic link library
35.	fuwarxyus.dll
Name: fuwarxyus.dll Type: Dynamic link library
36.	Keysaver.dll
Name: Keysaver.dll Type: Dynamic link library
37.	gbiehbsb.dll
Name: gbiehbsb.dll Type: Dynamic link library
38.	System32.exeeeekp.dll
Name: System32.exeeeekp.dll Type: Dynamic link library
39.	Explorer.exe
Name: Explorer.exe Type: Executable File
40.	imglog.exe
Name: imglog.exe Type: Executable File
41.	winupsbdk.exe
Name: winupsbdk.exe Type: Executable File
42.	RunDLL31.exe
Name: RunDLL31.exe Type: Executable File
43.	protectgb.exe
Name: protectgb.exe Type: Executable File
44.	svhost.exe
Name: svhost.exe Type: Executable File
45.	smss.exe
Name: smss.exe Type: Executable File
46.	40518.exe
Name: 40518.exe Type: Executable File
47.	audiohq.exe
Name: audiohq.exe Type: Executable File
48.	memaker2.EXE
Name: memaker2.EXE Type: Executable File
49.	winagent.exe
Name: winagent.exe Type: Executable File
50.	csrss.exe
Name: csrss.exe Type: Executable File
51.	svrsrn.exe
Name: svrsrn.exe Type: Executable File
52.	explora.exe
Name: explora.exe Type: Executable File
53.	winnt2.exe
Name: winnt2.exe Type: Executable File
54.	StormSet.exe
Name: StormSet.exe Type: Executable File
55.	STRWIN32.EXE
Name: STRWIN32.EXE Type: Executable File
56.	svteppsk.exe
Name: svteppsk.exe Type: Executable File
57.	mdccasys32_080512.dll
Name: mdccasys32_080512.dll Type: Dynamic link library
58.	winnt4.exe
Name: winnt4.exe Type: Executable File
59.	winglogon.exe
Name: winglogon.exe Type: Executable File
60.	f4.dll
Name: f4.dll Type: Dynamic link library
61.	winlbom.exe
Name: winlbom.exe Type: Executable File
62.	winixplore.exe
Name: winixplore.exe Type: Executable File
63.	certcl.dll
Name: certcl.dll Type: Dynamic link library
64.	hook.dll
Name: hook.dll Type: Dynamic link library
65.	helper.dll
Name: helper.dll Type: Dynamic link library
66.	Oldwin2.exe
Name: Oldwin2.exe Type: Executable File
67.	lsass.exe
Name: lsass.exe Type: Executable File
68.	msn64.exe
Name: msn64.exe Type: Executable File
69.	ipv6mons.dll
Name: ipv6mons.dll Type: Dynamic link library
70.	wscrntfy.exe
Name: wscrntfy.exe Type: Executable File
71.	lanmanwrk.exe
Name: lanmanwrk.exe Type: Executable File
72.	SCVHOST.EXE
Name: SCVHOST.EXE Type: Executable File
73.	CcEvtSvc.exe
Name: CcEvtSvc.exe Type: Executable File
74.	krn4.exe
Name: krn4.exe Type: Executable File
75.	iexplore.exe
Name: iexplore.exe Type: Executable File
76.	ModBrd1.exe
Name: ModBrd1.exe Type: Executable File
77.	ieexplorer.exe
Name: ieexplorer.exe Type: Executable File
78.	manleuk.exe
Name: manleuk.exe Type: Executable File
79.	orkutkut.exe
Name: orkutkut.exe Type: Executable File
80.	winhelp32.exe
Name: winhelp32.exe Type: Executable File
81.	ree1.exe
Name: ree1.exe Type: Executable File
82.	winnet.dll
Name: winnet.dll Type: Dynamic link library
83.	netfx20.exe
Name: netfx20.exe Type: Executable File
84.	svchost.exe
Name: svchost.exe Type: Executable File
85.	hook.exe
Name: hook.exe Type: Executable File
86.	update01.exe
Name: update01.exe Type: Executable File
87.	od3mdi.dll
Name: od3mdi.dll Type: Dynamic link library
88.	systeminit.exe
Name: systeminit.exe Type: Executable File
89.	qwesddddd.dll
Name: qwesddddd.dll Type: Dynamic link library
90.	fun.exe
Name: fun.exe Type: Executable File
91.	wsupd1.exe
Name: wsupd1.exe Type: Executable File
92.	gbiehdst.dll
Name: gbiehdst.dll Type: Dynamic link library
93.	msn_livers.exe
Name: msn_livers.exe Type: Executable File
94.	KernelDrv.exe
Name: KernelDrv.exe Type: Executable File
95.	winntR2.exe
Name: winntR2.exe Type: Executable File
96.	taskenv.exe
Name: taskenv.exe Type: Executable File
97.	imola.exe
Name: imola.exe Type: Executable File
98.	server.exe
Name: server.exe Type: Executable File
99.	OKIX.exe
Name: OKIX.exe Type: Executable File
100.	dinputb.dll
Name: dinputb.dll Type: Dynamic link library
101.	ipv6monl.dll
Name: ipv6monl.dll Type: Dynamic link library
102.	winhlpj.exe
Name: winhlpj.exe Type: Executable File
103.	drwaec32.dll
Name: drwaec32.dll Type: Dynamic link library
104.	msnmsgr.exe
Name: msnmsgr.exe Type: Executable File
105.	caclsn32.dll
Name: caclsn32.dll Type: Dynamic link library
106.	sysecurex.exe
Name: sysecurex.exe Type: Executable File
107.	Dll.dll
Name: Dll.dll Type: Dynamic link library
108.	termsrv.dll
Name: termsrv.dll Type: Dynamic link library
109.	58.tmp
Name: 58.tmp Type: Temporary File
110.	WindowsUpdate.scr
Name: WindowsUpdate.scr

Registry Details

Trojan-Spy.Goldun.btz may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERS

RUNNING PROGRAM\Explorer.exe

NT\CURRENTVERSION\WINLOGON\NOTIFY\ GbiehCef

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ GlobalFlagimglog

MICROSOFT\WINDOWS

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Explorer

NT\CURRENTVERSION\WINLOGON\NOTIFY\eeekpNT\CURRENTVERSION\WINLOGON\NOTIFY\ GbiehBsb

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System32

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ModBrd1

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CcEvtSvc

RUNNING PROGRAM\WindowsUpdate.scr

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ krn

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Wapp

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Trojan-Spy.Goldun.btz

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen