Cold Fusion
ColdFusion is a dangerous remote administration tool (RAT) with many malicious features. It is based on the classic server-and-client model: the server runs on the compromised PC, and the attacker uses the client to control that server remotely. The ColdFusion server's functions can vary depending on the initial configuration made by the attacker. Usually it runs secretly on every Windows startup, accepts unauthorized remote connections, modifies critical computer settings, logs keystrokes and allows the attacker to manipulate all local files. Most ColdFusion versions can terminate and launch any installed software. Some configurations can also take screenshots of user activity and spy on the user through an attached webcam. An installed ColdFusion violates the user's privacy and damages the computer. It should be removed using advanced antivirus and malware removal tools.
File System Modifications
- The following files were created in the system:
#   File Name
1   34d178c0.dll
2   client.exe
3   compressor.dll
4   dos.dll
5   editor.exe
6   f636792a.exe
7   icon.dll
8   installer.exe
9   join.dll
10  navapw16.exe
11  server.exe
12  sysbot.dll
13  syscomp.dll
14  syscpt.dll
15  sysdos.dll
16  sysk.dll
Registry Modifications
- The following Registry values were newly created:
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionavapw16.exe
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionunwinupde