
Backdoor:Win32/Zegost.BF


First posted on 17 December 2013.
Source: Microsoft

Aliases :

There are no other names known for Backdoor:Win32/Zegost.BF.

Explanation :

Threat behavior

Backdoor:Win32/Zegost.BF is a trojan that allows unauthorized access and control of an affected computer.

Installation

Backdoor:Win32/Zegost.BF creates the following files on your computer:

  • %programfiles%\common files\system\mscleaner.exe - detected as Backdoor:Win32/Zegost.BF
  • \mk_lol_1.0.0.20beta.exe
  • \msclean.exe - detected as Backdoor:Win32/Zegost.BF
Note: refers to a variable location that is determined by the malware by querying the Operating System. The default installation location for the System folder for Windows 2000 and NT is C:\Winnt\System32; and for XP, Vista, and 7 is C:\Windows\System32.

Payload

Allows backdoor access and control
Backdoor:Win32/Zegost.BF allows unauthorized access and control of your PC. A hacker can perform a number of different actions, including:
  • Downloading and running files
  • Uploading files
  • Spreading to other computers
  • Logging your keystrokes or stealing your sensitive data
  • Modifying your system settings
  • Running or terminating applications
  • Deleting files

This malware description was produced and published using our automated analysis system's examination of file SHA1 ccfcf1bef76dfde6e74d7fb0088b4653d97bb522.

Symptoms

System changes

The following could indicate that you have this threat on your PC:

  • The presence of the following files:

    %programfiles%\common files\system\mscleaner.exe
    \mk_lol_1.0.0.20beta.exe
    \msclean.exe

Last update 17 December 2013

 
