Backdoor.Graybird!rem
Backdoor.Graybird!rem is a Trojan. Once Backdoor.Graybird!rem has secretly infiltrated a machine it will open a backdoor and allow malware and adware into the system. Backdoor.Graybird!rem will also give remote attackers access to a compromised machine which will put a victim's private information at risk. Backdoor.Graybird!rem is a dangerous threat that should not be taken lightly.
Table of Contents
Aliases
6 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| - | Win-Trojan/Hupigon.1484220 |
| - | Backdoor.Win32.HacDef.073.B |
| - | TrojanDropper:Win32/Dowque.A |
| - | TROJ_DOWQUE.NY |
| - | BackDoor-AWQ.b.gen.w |
| - | Backdoor.Win32.Hupigon.dkwt |
File System Details
Backdoor.Graybird!rem may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | [pathname with a string SHARE]\DWTRIG20.EXE.EXE | |
| 2. | [pathname with a string SHARE]\sapisvr.exe.EXE | |
| 3. | %ProgramFiles%\Internet Explorer\Connection Wizard\icwrmind.exe.EXE | |
| 4. | %ProgramFiles%\Internet Explorer\Connection Wizard\isignup.exe.EXE | |
| 5. | %ProgramFiles%\Messenger\msmsgs.exe.EXE | |
| 6. | %ProgramFiles%\MSN\MSNIA\msniasvc.exe.EXE | |
| 7. | %ProgramFiles%\RLWGXH\FORSDS.exe | |
| 8. | %Windir%\GNOTAS5Z.exe | |
| 9. | [pathname with a string SHARE]\DW20.EXE.EXE | |
| 10. | [pathname with a string SHARE]\msinfo32.exe.EXE | |
| 11. | %ProgramFiles%\Internet Explorer\Connection Wizard\icwconn2.exe.EXE | |
| 12. | %ProgramFiles%\Internet Explorer\Connection Wizard\inetwiz.exe.EXE | |
| 13. | %ProgramFiles%\Internet Explorer\IEXPLORE.EXE.EXE | |
| 14. | %ProgramFiles%\MSN\MSNCoreFiles\Install\msnsusii.exe.EXE | |
| 15. | %ProgramFiles%\MTEJRQEZOX.exe.EXE | |
| 16. | %Windir%\CGVGZIY.exe | |
| 17. | %Temp%\3.exe | |
| 18. | [pathname with a string SHARE]\MSINF16H.EXE.EXE | |
| 19. | %ProgramFiles%\Internet Explorer\Connection Wizard\icwconn1.exe.EXE | |
| 20. | %ProgramFiles%\Internet Explorer\Connection Wizard\icwtutor.exe.EXE | |
| 21. | %ProgramFiles%\Internet Explorer\iedw.exe.EXE | |
| 22. | %ProgramFiles%\MSN\MSNCoreFiles\Install\MSN9Components\Digcore.exe.EXE | |
| 23. | %ProgramFiles%\MSN\MsnInstaller\msninst.exe.EXE | |
| 24. | %ProgramFiles%\VROTLN3\LVL5VFVX.exe |
Registry Details
Backdoor.Graybird!rem may create the following registry entry or registry entries:
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
