Max Secure Software: Encyclopedia

Home / Spyware Encyclopedia / Backdoor.Sdbot << Back

Recommendation to Automatically remove Backdoor.Sdbot

Our products can remove Backdoor.Sdbot and thousands of other Virus and Spyware automatically and instantly.

Backdoor.Sdbot Details

Category Backdoor
Discovered 8/11/2012 8:07:50 PM
Modified 10/23/2024 6:32:38 PM
Threat Level Critical
Category Description
A Backdoor is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge. A Backdoor compromises system integrity by making changes to the system that allow it to be used by the attacker for malicious purposes unknown to the user.

The following Files were created:

VALUE	FILESIZE	COMPANYNAME	VERSION	SIGNATURE
e7b94583.exe	42502	x-man®	1.00	e59951855310e26fa9e0b7825568f6f5
3a31df19.exe	32768	x-man®	1.00	ba0bf08f42d6d132e8ef6b17c2dd3c60
21cec590.exe	123410	x-man®	1.00	ac948fab0d34d4ff945f2bfeb9ecf433
ac09e676.exe	3145734	x-man®	1.00	a54050b3256ddb88a908df511729c28d
d70b5403.exe	32768	x-man®	1.00	42519d9f4f22a937d341a338a9856afd
fcf75a50.exe	97286	x-man®	1.00	08a559676240871f49bb470a13ecdae1
b9921f18.exe	32768	x-man®	1.0.0.0	df49433c2f98682154e0e0e46eda16c5
ae068138.exe	65411	x-man®	1.0.0.0	dd336ceefec789826e6cc0bb296296cb
16ce2348.exe	32768	x-man®	1.0.0.0	dae84ea26c79ba3b68d85b614f42ba8f
2956ad3b.exe	43014	x-man®	1.0.0.0	d8e97a576a8a4e7075fff558fd98984d

The following Registry Entries were created:

..\System\CurrentControlSet\Services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\"%pf.common%\system\img_8763.exe"\"%pf.common%\system\img_8763.exe:*:enabled:windows update"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"driver.exe"\"%win.sys32%\driver.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"windows update"\"%pf.common%\system\img_8763.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"dump dm"\"%win.sys32%:imicrowi.exe"

..\System\CurrentControlSet\Enum\root\legacy_rpcremote\(Default)

..\Software\Microsoft\active setup\installed components\{c3035e1d-6c87-93e6-fa85-d8d960b69a49}\(Default)

..\Software\Microsoft\active setup\installed components\{4f4dbf91-2fdb-6928-c0fe-3c61ce37b976}\(Default)

..\System\CurrentControlSet\Services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\"%das%\sspools.exe"\"%root%\docume~1\sspools.exe:*:enabled:windows update"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"windows update"\"%das%\sspools.exe"

..\Software\Microsoft\Windows\CurrentVersion\Run\\"explorer"\"%win.sys32%\plugin.exe"

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Recommendation to Automatically remove Backdoor.Sdbot

Backdoor.Sdbot Details

Useful Links