Backdoor:Win32/RDPopen

Backdoor:Win32/RDPopen Description

Type: Backdoors

Backdoor:Win32/RDPopen is a backdoor Trojan that gives a remote cybercriminal full access to and control over the targeted PC. It opens a connection to an unidentified location so that the cybercriminal can carry out various harmful activities on the affected PC, and the same connection can be used to drop further malicious files, causing more harm to the compromised computer. When executed, Backdoor:Win32/RDPopen drops a copy of a harmful file into various folders and system directories. It then creates several registry entries so that it runs automatically every time Windows starts, and modifies the Windows Registry to evade Windows Firewall and permit transmission over the existing network. Backdoor:Win32/RDPopen can steal personal information from the affected PC. It also prevents PC users from using some applications, including security tools, on the infected computer.

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software    Detection
Panda                  Trj/Agent.MIZ
McAfee-GW-Edition      Heuristic.BehavesLike.Win32.ModifiedUPX.C
AntiVir                TR/Ransom.122880.12
Kaspersky              Trojan-Ransom.Win32.Blocker.ajhe
Fortinet               W32/Kryptik.AB!tr
AntiVir                TR/Cridex.EB.27
Kaspersky              Trojan-Dropper.Win32.Dapato.bnue
McAfee                 PWS-Zbot.gen.yl
Fortinet               Adware/Bromngr
Ikarus                 not-a-virus:AdWare.Win32.SuspectCRC
AhnLab-V3              Adware/Win32.Bromngr
DrWeb                  Adware.BGuard.7
Sophos                 BProtector
Panda                  Trj/Genetic.gen
AVG                    Generic_r.BRJ

Technical Information

File System Details

Backdoor:Win32/RDPopen creates the following file(s):

Site Disclaimer

Enigmasoftware.com is not associated with, affiliated with, sponsored by or owned by the malware creators or distributors mentioned in this article. This article should NOT be mistaken for, or confused as being associated in any way with, the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or the manual removal instructions provided in this article.

This article is provided "as is" and is to be used for educational information purposes only. By following any instructions in this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.