Troj/BadCab-A
Troj/BadCab-A is a destructive backdoor Trojan that can modify the registry to ensure that it executes with every system boot-up. By opening a backdoor, Troj/BadCab-A provides remote attackers with unauthorized access to a victims PC. The attackers will then be free to install additional malware as well as steal any confidential information stored on the PC. Troj/BadCab-A will cause severe damage to your PC if not removed promptly.
File System Details
Troj/BadCab-A may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %System%\sys\lsass.exe | |
| 2. | %Temp%\IXP000.TMP\ResTuner.exe | |
| 3. | %CommonPrograms%\Resource Tuner\Support Forum.url | |
| 4. | %ProgramFiles%\Resource Tuner\restuner.url | |
| 5. | %ProgramFiles%\Resource Tuner\PLUGINS\Demo Plug-ins\Delphi\SOURCE\t12dll.dsk | |
| 6. | %CommonPrograms%\Resource Tuner\Resource Tuner on the Web.url | |
| 7. | %ProgramFiles%\Resource Tuner\resforum.url |
Registry Details
Troj/BadCab-A may create the following registry entry or registry entries:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Resource Tuner_is1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost]
[HKEY_CURRENT_USER\Software\Bifrost]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
