Backdoor.Bot Description

Type: Trojan

Like its name suggests, Backdoor.Bot is a backdoor Trojan. Like most backdoor Trojans, Backdoor.Bot is designed to allow a hacker to obtain illegal access to a computer through a digital 'backdoor'. Much like a real-life backdoor allows a robber to enter a house or a building without being seen, a backdoor into a computer like the one the Backdoor.Bot establishes allows a criminal to gain access to the infected computer without being detected by the infected computer's security. Once installed, the Backdoor.Bot will open up an unauthorized opening that allows criminals to carry out tasks by gaining access to the infected computer from a remote location. If you are afraid that your PC has been in contact with Backdoor.Bot, you should scan your computer with a reliable anti-malware tool after restarting Windows in Safe Mode.

While a backdoor can be used to do anything on the infected computer (for example, stealing information, installing other malware, or deleting the contents of the infected computer's hard drive), the Backdoor.Bot itself is usually associated with scams that involve identity theft or stealing login data for online gaming and banking accounts. The Backdoor.Bot can also be used to execute a keylogger component on the infected computer. This keylogger records all the keys that are pressed on the infected computer's keyboard, meaning that criminals can then use this data to steal your online passwords and sensitive data, such as credit card or bank account numbers. A keylogger can also be used to monitor your activity on the infected computer and spy on your personal communications. Every once in a while, the Backdoor.Bot will deliver all the gathered data to a remote server where criminals can then gain access to it and use it for their own, malicious purposes.

What Kind of Tasks Can the Backdoor.Bot Be Used For?

Apart from stealing your information, Backdoor.Bot can be used as part of other large scale attacks on your computer. Criminals can use the Backdoor.Bot to install other malware on your computer, typically a rogue security program or a Trojan. There are numerous variants of the Backdoor.Bot due to the fact that the established backdoor can be used by criminals for a number of scams and attacks. Basically, the Backdoor.Bot allows criminals nearly the same level of control as if they were sitting in front of your computer's screen.


15 security vendors flagged this file as malicious.

Anti-Virus Software Detection
AVG Generic16.CDTS
Ikarus Trojan.Win32.Midgare
Sunbelt Packed.Win32.Rebhip.a.1 (v)
AhnLab-V3 Win-Trojan/Buzus.608256.D
eTrust-Vet Win32/Kollah.APV
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious.H
DrWeb Win32.HLLW.Autoruner.9222
F-Secure Trojan-Dropper:W32/Malis.gen!H
BitDefender Trojan.Generic.2093113
Kaspersky Trojan.Win32.Buzus.bwqx
ClamAV Trojan.Buzus-4637
Avast Win32:Inject-TO
F-Prot W32/Trojan2.HEBD
NOD32 Win32/Buzus.BIGA
McAfee W32/Autorun.worm.fy

Technical Information

File System Details

Backdoor.Bot creates the following file(s):
# File Name MD5 Detection Count
1 rl9g0bwwr1l.exe 26615614660d568b2509a5373cbcad1c 9
2 sys.exe 6f743f8489ef000c14191c9e547bddca 9
3 1lgww1g.exe d6299d87ce2518668955468aa91667e3 6
4 xpupdate.exe 2d9b147c2059dce494223b818274d748 6
5 winlogon.exe 208745d6ae95730c1bb66355aaa6d638 4
6 djwi2kcew.exe 160c20bd5a310b92f0a2105fe9b37ace 4
7 ql5g1vqgg1q.exe e5aa1ca75d8ce62b7f0ee097346f3cec 4
8 wnzip32.exe 5da6ba2f4f425a04c0ff675e91cd0c9b 2
9 winrom.exe 742f9d3621a981a7bd6fc0cc8d225925 2
10 ffaavqq2kf.exe 26d217ef3002f934d9f1c4787f2692f2 2
11 qql1faavlaq.exe 6127348f0451305c0d520129f242ae1c 2
12 scxhost.exe 0eca47f9d5b93ca3498526b5580abdbd 2
13 zvlw1mns.exe 87c7e824dd386017f1b7651a50c3ccce 2
14 awwriiduup.exe 1db63bbbddce7131378767ee8f3eb60e 2
15 0hm86y8.exe 8bc5757abfcffdf65fe041e8ae000642 2
16 5iidjfv.exe 94afc9b7ec1a7c00a781e0f5df822c22 2
17 5wwmns8.exe a4ec4df6ca473fa9dae91aed5c4b2592 2
18 r.exe 53d4ee6fb944fa56733d1b099ca2dbd1 2
19 081yjkf.exe fd0fc5c46c931405b005b68a9d9a8ed9 1
20 MsMxEng.exe dc177beeb71e834a7af5e820aa6e9315 1
21 winrsc.exe 729182a9cf01c56cf51cd8caed6f88b6 1
22 msimfo32.exe c67241d3ac991ece12a1c6e091284b82 1
23 2too6aa.exe 38c94d3fc0147691b03ae361b8c899e3 1
24 rnnjzzv2rmm.exe ca96f280ab521b593b0c45676e08e4eb 1
25 uqqlccxooj.exe 98784700ee33189554b397cd5ee89e2a 1
More files

Related Posts

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.