Backdoor.Win32.Flashdor
Backdoor.Win32.Flashdor is a generic detection name for a malicious Trojan that opens a backdoor and allows a hacker to issue commands and control the infected PC. Unlike viruses, Trojans are spread manually and do not self replicate. Backdoor.Win32.Flashdor worms its way into the system using security exploits. Once the server component is unwittingly installed on the victim's machine, Backdoor.Win32.Flashdor opens a port to send a notification to the hacker. The hacker can then connect to the machine using the client component. Distribution channels include emails, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc. Symptoms include the presence of unknown files and registries and unexpected network traffic. Backdoor.Win32.Flashdor is severely dangerous to your PC and should be terminated immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %InternetCache%\msoftware.exe 2 %Windir%\simdial.exe 3 %Windir%\svchost.dll 4 %Windir%\svchost.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ACTIVEX.ActiveXCtrl.1\CLSID][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ACTIVEX.ActiveXCtrl.1][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DA694443-E25F-11D5-8FF6-0001021C7D4C}\1.0][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IE3]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.