Gen.Backdoor

Gen.Backdoor Description

Gen.Backdoor is a backdoor trojan that rapidly copies itself onto the targeted computer system through network exploits. It also proliferates through network shares and enables a hacker to gain access to your computer. Gen.Backdoor displays security threat warnings declaring that your computer is seriously infected. It creates a start-up registry entry so that it runs automatically every time Windows starts. Gen.Backdoor is a serious threat to the security of your personal and financial information, and it is advised to delete it immediately.

Aliases: Worm/Autoit.AYWI [AVG], W32/Autoit_IK.gen [Fortinet], Worm.Win32.AutoIt [Ikarus], Trojan/Win32.Chifrax.gen [Antiy-AVL], UDS:DangerousObject.Multi.Generic [Kaspersky], TROJ_GEN.RCBH1LG, Win32/Autoit.IK.Gen, Backdoor/Poison.evja, Artemis!984673854366 [McAfee], BackDoor.Generic16.ALDF [AVG], TROJ_SPNR.14BB13 [TrendMicro], TR/Virtool.DelfInject.1299 [AntiVir], Trojan.Injector!cA8MKYYEBE8, TROJ_GEN.RCBB1AU and Suspicious_Gen4.CDNPV.

Technical Information

File System Details

Gen.Backdoor creates the following file(s):
