
Backdoor.Cycbot!gen4

Posted: July 14, 2011

Backdoor.Cycbot!gen4 is a generic label for various types of Cycbot-based backdoor Trojans. Backdoor.Cycbot!gen4 Trojans can be used for a number of different attacks on your computer, including deleting files, forcing your PC to become part of a DDoS botnet, installing other applications, recording keyboard input or making changes to system settings. Some variants of Backdoor.Cycbot!gen4 are especially known for installing rogue security programs that create false positives, instead of detecting real infections. You should consider Backdoor.Cycbot!gen4 a high-level danger to your PC and remove Backdoor.Cycbot!gen4 with any anti-virus or other security program that's worth trusting.

Backdoor.Cycbot!gen4: A Generic Trojan with Specifically Deadly Attacks

Backdoor.Cycbot!gen4 is a behavior-based or heuristic label that's in use for any generic Trojan within the Cycbot family. Cycbot Trojans like Backdoor.Cycbot!gen4 are infamous for their backdoor-related functions, which allow them to engage in many different attacks:

  • Backdoor.Cycbot!gen4 will create security vulnerabilities in your PC, by opening network ports, disabling your firewall or changing its settings, blocking security-related programs and disabling update features. Many of these attacks may exploit the Windows Registry, which makes Backdoor.Cycbot!gen4's efforts difficult to detect.
  • After accomplishing this, Backdoor.Cycbot!gen4 will contact a remote server for a variety of purposes, including receiving instructions, updating itself, gathering information about your PC or downloading other harmful files.
  • Harmful programs that can be installed by Backdoor.Cycbot!gen4 include password-stealing spyware such as keyloggers, fake security applications, worms, viruses, ransomware and other Trojans. Some variants of Backdoor.Cycbot!gen4 are known to specialize in installing fake security programs which create fake errors in lieu of offering accurate security data.
  • Your computer may also be forced to engage in Distributed Denial of Service crimes that use up significant system resources and block certain websites.
  • Backdoor.Cycbot!gen4 may also be a source of remote attacks by criminals. Remote attacks may use any of the above behaviors or other actions that cause harm to your computer, including deleting files or stealing private information.

How to Give Backdoor.Cycbot!gen4 a Stiff Upper Lip

Keeping your anti-virus and other security programs updated is important for preventing Backdoor.Cycbot!gen4 attacks, since many variants of Backdoor.Cycbot!gen4 were first seen as recently as July 2011. Although different types of Backdoor.Cycbot!gen4 may not show obvious symptoms, you may be able to catch them by looking for signs of the settings changes listed above.

Many Backdoor.Cycbot!gen4 subtypes will masquerade as svchost.exe (a native Windows file); the fake file can be recognized by its unofficial location in the Application Data folder. This file shouldn't be deleted without the help of an anti-virus program, if such help is available, since Backdoor.Cycbot!gen4 also uses other files and may harm your PC if you remove the fake svchost.exe in an improper manner.
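
A defender-side check for the masquerade described above, as an added example that is not part of the original page: it reads a process inventory of `pid,image path` lines and flags any svchost.exe running from outside the Windows system directory, marking Application Data locations separately. The inventory format, the `C:\Windows` default, the `appdata` marker and all function names are assumptions, and the sample lines are constructed.

```python
import ntpath

# Directories where a genuine svchost.exe lives, relative to the Windows directory.
LEGIT_SUBDIRS = ("system32", "syswow64")
# Profile folder named on the page, plus its newer equivalent (assumption).
PROFILE_MARKERS = ("application data", "appdata")


def classify_svchost(image_path, windir=r"C:\Windows"):
    """Return 'not-svchost', 'legitimate', 'suspicious' or 'suspicious-appdata'."""
    # ntpath parses Windows paths on any host OS; normpath folds '/' and '..',
    # normcase lowercases, so case tricks and path traversal do not evade the check.
    path = ntpath.normcase(ntpath.normpath(image_path.strip().strip('"')))
    if ntpath.basename(path) != "svchost.exe":
        return "not-svchost"
    allowed = {ntpath.normcase(ntpath.join(windir, d)) for d in LEGIT_SUBDIRS}
    if ntpath.dirname(path) in allowed:
        return "legitimate"
    parts = path.split("\\")
    if any(marker in parts for marker in PROFILE_MARKERS):
        return "suspicious-appdata"
    return "suspicious"


def scan(inventory_lines, windir=r"C:\Windows"):
    """Parse 'pid,image path' lines; return [(pid, path, verdict)] for flagged entries."""
    findings = []
    for line in inventory_lines:
        pid, _, image = line.partition(",")
        verdict = classify_svchost(image, windir)
        if verdict.startswith("suspicious"):
            findings.append((int(pid), image.strip(), verdict))
    return findings


# Constructed sample inventory (not taken from a real host).
SAMPLE = [
    r"812,C:\Windows\System32\svchost.exe",
    r"1044,c:\windows\SYSTEM32\SvcHost.exe",
    r"2960,C:\Documents and Settings\user\Application Data\svchost.exe",
    r"3112,C:\Windows\System32\..\Temp\svchost.exe",
    r"3500,C:\Program Files\Example\app.exe",
]

if __name__ == "__main__":
    for pid, image, verdict in scan(SAMPLE):
        print(f"{verdict:20} pid={pid} {image}")
```

A flagged entry is a lead for an anti-virus scan of the host, in line with the removal advice above, not a file to delete by hand.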

Prior to removing Backdoor.Cycbot!gen4, you should try to avoid contact with the following websites, which have a known history with Backdoor.Cycbot!gen4 and are malicious in nature:


File System Modifications

  • The following files were created in the system:
    # File Name
    1 HKEY_LOCAL_MACHINE\Software\Backdoor.Cycbot!gen4

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}
    %PROGRAM_FILES%\Backdoor.Cycbot!gen4
    c:\Documents and Settings\All Users\Backdoor.Cycbot!gen4\
    c:\Documents and Settings\All Users\Start Menu\Backdoor.Cycbot!gen4\