ColdFusion.b is a backdoor designed to record all user keystrokes and send gathered data to a predefined e-mail address. The parasite can also be remotely controlled. It provides the attacker with unauthorized access to the compromised computer. The intruder can control the system and steal more user sensitive information.
nwisse.exe, emgfx.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun wisseHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonShell=explorer.exe winspols.scrHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonSystem=percentSystempercentsvch0st.comHKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components(tt9381D8F2-0288-11D0-9501-00AA00B911A5)