Backdoor.Bot Description
As its name suggests, Backdoor.Bot is a backdoor Trojan. Like most backdoor Trojans, Backdoor.Bot is designed to give a hacker illegal access to a computer through a digital 'backdoor'. Much as a real-life back door lets a robber enter a house or a building without being seen, the backdoor that Backdoor.Bot establishes lets a criminal access the infected computer without being detected by the infected computer's security. Once installed, Backdoor.Bot opens an unauthorized access point that allows criminals to carry out tasks on the infected computer from a remote location. If you are concerned that your PC has been in contact with Backdoor.Bot, you should restart Windows in Safe Mode and then scan your computer with a reliable anti-malware tool.
While a backdoor can be used to do anything on the infected computer (for example, stealing information, installing other malware, or deleting the contents of the infected computer's hard drive), Backdoor.Bot itself is usually associated with scams that involve identity theft or stealing login data for online gaming and banking accounts. Backdoor.Bot can also be used to run a keylogger component on the infected computer. This keylogger records every key pressed on the infected computer's keyboard, so criminals can use this data to steal your online passwords and sensitive data, such as credit card or bank account numbers. A keylogger can also be used to monitor your activity on the infected computer and spy on your personal communications. Every once in a while, Backdoor.Bot delivers all the gathered data to a remote server, where criminals can then access it and use it for their own malicious purposes.
What Kind of Tasks Can the Backdoor.Bot Be Used For?
Apart from stealing your information, Backdoor.Bot can be used as part of other large-scale attacks on your computer. Criminals can use Backdoor.Bot to install other malware on your computer, typically a rogue security program or a Trojan. There are numerous variants of Backdoor.Bot because the backdoor it establishes can be used by criminals for a number of scams and attacks. In effect, Backdoor.Bot gives criminals nearly the same level of control as if they were sitting in front of your computer's screen.
Technical Information
File System Details