Aliases: Trj/Genetic.gen [Panda], Dropper.Generic7.BMSP [AVG], W32/Jorik_Steckt.N!tr [Fortinet], Virus.Win32.VBInject [Ikarus], Win32.Troj.Generic.z.(kcloud), Trojan.Agent/Gen-Koobface[Bonkers], Trojan.Gen.2 [Symantec], Trojan/Injector.acxp, Backdoor.Bot, Gen:Variant.Kazy.144420, Trojan-Spy.ProAgent [Ikarus], W32/Risk.LUGD-3576, Win32.Malware.Heur_Generic.A.(kcloud), TrojanSpy.ProAgent.eq and Troj/Spy-YE [Sophos].

Technical Information

File System Details

Backdoor.Refpron.gen!D creates the following file(s):
# File Name Size MD5 Detection Count
1 C:\Documents - MBS\Documents & PPS\Z-Info.exe\Z-Info.exe 331,264 29296f6e1b2ad437fe9ab2f862f2236e 76
2 %APPDATA%\Microsoft\Windows\Templates\authz.exe 14,336 b7ce281c4fd5d11ca9bd6274e383a0da 29
3 %APPDATA%\Systweak\Tweaker.exe 2,526,720 9b91b798e72b5ac7497dc6c89b51b900 21
4 %APPDATA%\Windsound\soundloader.exe 1,310,820 11bdefb1507e5ead28ac67664853ae38 2
5 %TEMP%BAIXAR - CD Eletro Dance 2013 - Dj Maycom Bonde das Maravilhas - Mc PHDFunk (Lançamento) - LNP (Loukos Na Pista) · Funk20222 - Mp3.exe 2,357,248 0f7bfbaab4006b02dd885f35337f19b6 2
6 %WINDIR%\system32\FastNetSrv.exe 51,712 194afac2fb3b8ad58707d3afd960b1f9 1
7 %LOCALAPPDATA%12101042012end.exe 272,896 a3b410f82a615836e1e988aac7b0b4c8 1

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

HTML is not allowed.