Back.Door.Generic13.BNKI

Back.Door.Generic13.BNKI Description

Back.Door.Generic13.BNKI is identified as a hazardous backdoor Trojan that is created to enable attackers obtain remote access to the attacked PC system. When installed, Back.Door.Generic13.BNKI can disable anti-virus software to avoid its detection and deletion from the compromised machine. Back.Door.Generic13.BNKI can change system settings, collect personal details and transmit them to a remote attacker. You should uninstall Back.Door.Generic13.BNKI as soon as possible from your computer system once you detect it.

Technical Information

File System Details

Back.Door.Generic13.BNKI creates the following file(s):
# File Name Detection Count
1 %PROGRAM_FILES%\Back.Door.Generic13.BNKI N/A
2 c:\Documents and Settings\All Users\Start Menu\Back.Door.Generic13.BNKI\ c:\Documents and Settings\All Users\Back.Door.Generic13.BNKI\ N/A

Registry Details

Back.Door.Generic13.BNKI creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_Current_User\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RANDOM CHARACTERS.exe
HKEY_LOCAL_MACHINE\Software\Back.Door.Generic13.BNKI
net64 = "%Windir%\svhoster.exe"