Home Malware Programs Trojans Backdoor.Win32.Popwin

Backdoor.Win32.Popwin

Posted: November 12, 2009

Backdoor.Win32.Popwin is also known as Packed/Upack and is a malicious computer Virus that uses a packer to download malware to your computer. Backdoor.Win32.Popwin affects most Windows programs and usually uses a fake pop-up scan and false results to scare computer uses into purchasing redundant anti-spyware toolkits. Backdoor.Win32.Popwin poses a huge security threat to any PC or network and should be removed immediately.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Programs%\Startup\msdtcvtr.bat
    2 %System%\MsDtc\Trace\CF.bat
    3 %System%\MsDtc\Trace\msdtcvtr.bat
    4 %Temp%\1.tmp\computer_fker.bat

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Loading...