Backdoor.Zxshell.B

Posted: February 23, 2012

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	6,907
Threat Level:	5/10
Infected PCs:	1,808

First Seen:	February 23, 2012
Last Seen:	October 17, 2023
OS(es) Affected:	Windows

Backdoor.Zxshell.B is a backdoor Trojan that violates your computer's security to enable criminal interaction with the system. This may also include the installation of more specific PC threats than Backdoor.Zxshell.B, such as spyware, rogue security programs or browser hijackers. Because Backdoor.Zxshell.B was only noted recently and is installed by an exceptionally covert Trojan dropper, SpywareRemove.com malware experts recommend that you keep your anti-malware programs completely up-to-date to help them detect and remove Backdoor.Zxshell.B and related PC threats. While Backdoor.Zxshell.B and related Trojans may be difficult to find and remove, under no circumstances should you ignore or tolerate Backdoor.Zxshell.B's activities on your PC, since they can be considered the digital equivalent of handing the keys of your car over to a driver known for crashing vehicles into trees.

Why Backdoor.Zxshell.B Might Slip Past Your Security's Notice

Backdoor.Zxshell.B is installed by Trojan.Dropper.UAJ, a Windows-centric Trojan that's achieved quite a bit of notice due to its unusual startup mechanism. Unlike most Trojans that use Registry-based exploits to launch themselves, Trojan.Dropper.UAJ launches itself by inserting malicious code into a copied comres.dll file, a file that's mandatory for the proper functioning of Windows. SpywareRemove.com malware analysts have also noted similar methods with other types of sophisticated Trojans, such as Troj/PSW-GM and Infostealer.Gampass. Unlike the aforementioned spyware Trojans, however, Trojan.Dropper.UAJ isn't designed to steal passwords, but to install Backdoor.Zxshell.B.

Since this startup method is mildly unusual for Trojans, your anti-malware programs may have difficulty detecting or removing Trojan.Dropper.UAJ before it gets a chance to install Backdoor.Zxshell.B. This startup method will allow Trojan.Dropper.UAJ to trigger itself automatically and without your notice, and you shouldn't try to delete a contaminated comres.dll file since Windows will experience a variety of errors without its presence. Updating your anti-malware software to have threat definitions that are current for late February 2012 will help to minimize the possibility of either Trojan.Dropper.UAJ or Backdoor.Zxshell.B subsisting on your PC for a noticeable length of time.

Counting Out the Possibilities Hidden within Backdoor.Zxshell.B's Sneak Attack

Although the full range of consequences from Backdoor.Zxshell.B's functions is yet to be enumerated, SpywareRemove.com malware experts have noted the following issues are likely to occur whenever your PC is infected by Backdoor.Zxshell.B or a similar backdoor Trojan:

Unauthorized changes to your security-related programs, including the firewall (which may have had exceptions added to it) or network utilities (which may have ports opened for back-and-forth access).
The presence of a backdoor that allows remote hackers to not only access but exert control over your PC.
Blocked security applications which may or may not extend to popular anti-malware scanners.
The installation of other PC threats that may use any of a number of attacks against your computer, such as browser redirects, keylogging or fake infection pop-ups.

Backdoor.Zxshell.B

Threat Metric

Why Backdoor.Zxshell.B Might Slip Past Your Security's Notice

Counting Out the Possibilities Hidden within Backdoor.Zxshell.B's Sneak Attack

Leave a Reply