Backdoor.Cimuz
Backdoor.Cimuz is a malicious backdoor Trojan that may enable a remote attacker to get unauthorized access to the corrupted PC system. Backdoor.Cimuz will steal personal data such as user name and password via key logging capabilities. Backdoor.Cimuz also collects information like Operating System version, system folder, processor speed, upload folder and system uptime. Backdoor.Cimuz can run itself when Windows is started by placing an entry in the registry. Backdoor.Cimuz can install itself as Layered Service Provider (LSP). Backdoor.Cimuz opens a backdoor on the compromised computer able to intercept user name and password. You should remove Backdoor.Cimuz from your computer to keep your PC away from danger.
File System Modifications
- The following files were created in the system:
# File Name 1 %System%\[RANDOM ALPHANUMERIC CHARACTERS].tbl 2 %System%\c_20870.nls 3 %System%\msafd[TWO RANDOM NUMBERS].dll 4 %Temp%\~[RANDOM ALPHANUMERIC CHARACTERS].tmp
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\Current ControlSet\Services\WinSock2\mswsock32\"PathName" = "C:\WINDOWS\system32\msafd[TWO RANDOM NUMBERS].dll"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.