Backdoor.RDPopen.A

Backdoor.RDPopen.A Description

Backdoor.RDPopen.A is a backdoor Trojan that can harm the compromised PC. Backdoor.RDPopen.A enables cybercriminals to obtain full remote access and control over the infected computer. Backdoor.RDPopen.A drops other malware infections on the corrupted PC. Backdoor.RDPopen.A may access the affected computer together with another malicious program. Backdoor.RDPopen.A changes firewall settings in order to communicate with other computer systems over the internet and permit various unwanted programs accessing your computer.

Aliases: Gen:Trojan.Heur.PT.kyW@aKz03soi (B), TrojWare.Win32.Trojan.Agent.Gen [Comodo], Malware, Gen:Trojan.Heur.PT.kyW@aKz03soi, Trj/CI.A [Panda], unknown virus Win32/DH{A2IJJwE} [AVG], W32/Agent.PEB [Fortinet], Backdoor.Win32.RDPopen [Ikarus], a variant of Win32/Agent.PEB, ASD.Prevention [AhnLab-V3], BehavesLike.Win32.Malware.eah (mx-v), Trojan.FakeAV.13384 [DrWeb], HEUR:Trojan.Win32.Generic [Kaspersky], TROJ_GEN.FFFHZJE and Artemis!EE6A3B4F760A [McAfee].

Technical Information

File System Details

Backdoor.RDPopen.A creates the following file(s):
# File Name Size MD5 Detection Count
1 %APPDATA%\Bvok\wip.exe 88,123 1454b7013fec1afc00e09ace050a772a 336
2 %APPDATA%\AV Protection 2012\securitycenter.exe 3,826,179 8f5d347281fe3557c41cb89d8d2a8d87 180
3 %WINDIR%\system32\32a693f6.dll 1,781,248 1cbc4779bb0bf60169d44da11231c225 14
4 %APPDATA%msconfig.dat 80,384 3adb6173bced3d1a78b340e1f3e96fba 10
5 %USERPROFILE%\Downloads\tpwSetup-dm.exe 212,992 9f892e13257fc8e60bfd703003a61ae8 3
6 %ALLUSERSPROFILE%\IBUpdaterService\ibsvc.exe 395,992 0ee5e2c67f1996ac0c32abee8533751b 3
7 %APPDATA%\Microsoft\Windows\AdvService.exe 421,888 5f5e95c411800d9b5d05014535317b91 2
8 %SystemDrive%\Date.Msi\alg.exe 184,832 e071327a5ec1640b5f3b3bcadc277747 2
More files

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.