BackDoor.Finder – Trojan bot

Posted: January 16, 2013 in Encyclopedia viruses, IT Security News
Tags: ,

Malware Trojan HorseTrojan bot infects computers running Windows. At infection of system places the copy in the catalog % APPDATA% \ {GUID} \ and modifies the registry branch SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ Run in order to implement its own autorun at system startup.

Built into all business processes and performs intercept Internet functions if for all processes will be found the following:

- maxthon, browser, firefox, iexplo, safari, mozill, chrome, avant, opera, netsc

If the user carries out web search by means of one of traced browsers, the Trojan receives URL of required search inquiry and sends it to the remote server. The server, in turn, sends to the bot specially created team which contains information and the web address with which the original search inquiry of the user will be changed.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s