Gen.Backdoor

Gen.Backdoor Description

Gen.Backdoor is a backdoor trojan that copies itself through network exploits rapidly on the targeted computer system. Gen.Backdoor that proliferates through network shares and enables a hacker to get access to your computer. Gen.Backdoor illustrates security threats to declare your computer is seriously infected. Gen.Backdoor creates a start-up registry entry so that it runs automatically every time Windows starts. Gen.Backdoor is a serious threat to the security of your personal and financial information, and it is advised to delete it immediately.

Aliases: Worm/Autoit.AYWI [AVG], W32/Autoit_IK.gen [Fortinet], Worm.Win32.AutoIt [Ikarus], Trojan/Win32.Chifrax.gen [Antiy-AVL], UDS:DangerousObject.Multi.Generic [Kaspersky], TROJ_GEN.RCBH1LG, Win32/Autoit.IK.Gen, Backdoor/Poison.evja, Artemis!984673854366 [McAfee], BackDoor.Generic16.ALDF [AVG], TROJ_SPNR.14BB13 [TrendMicro], TR/Virtool.DelfInject.1299 [AntiVir], Trojan.Injector!cA8MKYYEBE8, TROJ_GEN.RCBB1AU and Suspicious_Gen4.CDNPV.

Technical Information

File System Details

Gen.Backdoor creates the following file(s):
# File Name Size MD5 Detection Count
1 %APPDATA%\Facebook\Update\FacebookVideoCall.exe 58,368 f0068da23dd096a7449abc02fa2d644a 34
2 %ALLUSERSPROFILE%msnmsgre17.exe 53,248 629998e3617acc655e169207f916c145 34
3 %LOCALAPPDATA%usnscv.exe 1,457,664 84d00a9d687bad16887dcf0084779f1f 29
4 %ALLUSERSPROFILE%\NVDIA\Adobe Reader.exe 96,768 b33782f10e43999302160383c765ab79 22
5 %LOCALAPPDATA%\kjdhkynj\sprtxyww.exe 121,856 c9a3e84bdf836776d7d523e0cb41222b 10
6 %TEMP%0092a060.exe 57,674 7613d7b0cf561f89e5397f0392908665 8
7 %APPDATA%\MyFolder\.exe 340,480 71f7a8e52161cc187d612eab33322809 4
8 %TEMP%044a2abe.exe 58,146 84e00e09e7c326f05b08fd4efac3baed 4
9 %TEMP%prog.exe 58,698 fb0effdaa5c3ed162416f3b41e1d1215 4
10 %ALLUSERSPROFILE%\6a0199\PS6a0_279.exe 2,336,256 8ca06ba59fa056f4f8b06d7fa8b0c3ee 2
11 %ALLUSERSPROFILE%\Application Data\taskmsg.exe 1,492,992 98d2ef3fbaf6eec8b70c0b4092bb5c18 2
12 %USERPROFILE%userlog.exe 31,744 c2a06af54188e35c9102dfe3f2925f19 2
13 %APPDATA%jrux.exe 645,632 7a94387dc448a7e729643adc1d02aebe 2
14 %USERPROFILE%\Documents\Services\Cursor.exe 795,549 984673854366568a93a2cc32f17b2253 2
15 %TEMP%000063f9.exe 59,714 87c2b8770c095c178f28d14853530fe2 2
16 %USERPROFILE%\Documents\Services\drivers.exe 67,072 82dfed0e441f2e6abd902de126e75e4e 2
17 %APPDATA%kill.exe 96,256 e11203804d1048c7838a457e652e0136 2
18 %PROGRAMFILES%\Internet Explorer\4ljfxa.exe 387,072 fd3aec195be2fb2ea57f1593265518d4 2
19 %PROGRAMFILES(x86)%\Internet Explorer\no1sqs4.exe 387,072 8b29fbcf984eee8048a22c76b27133e6 2
20 %APPDATA%\uploader\5186.exe 1,370,624 cd387d41e4906884291f525e0c01af96 2
21 %WINDIR%\system32\winupdate\winupdate.exe.exe 672,256 8af9b158dd7bc3379761af51ea0ecf74 1
22 %ALLUSERSPROFILE%\Application Data\5UCvGFx2.exe 223,232 4f80b85c6a9945cddb67571cfa8e44d5 1
23 %WINDIR%\system32\Cerberus\server.exe 1,631,396 b204deace3e397f23048908526ffbac7 1
24 %LOCALAPPDATA%\Microsoft\Windows\ukouivu.exe 198,145 f7abbd754528fbb3d4370faeceb01f9f 1
25 %TEMP%\Drivers\HardwareDrivers.exe 167,424 185c13ce23ed68c82bcf201e77f15794 1
26 %TEMP%052d1a6d.exe 57,552 e97ea240e31a24aa8c2671f70eb423c1 1
27 %TEMP%0002b099.exe 58,146 ede23d775d4f70f17d9d2e9e75b6636f 1
28 %USERPROFILE%\Local Settings\Application Data\02162112013miner272cr2.exe 269,824 677dbf601a01e1511e5d8adb22cdaa4f 1
29 %TEMP%mhgzjirq.exe 451,829 470927afcf472d69c6333f447c7b3d0a 1
More files

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.

By GoldSparrow in Backdoors
Threat Scorecard
?
The ESL Threat Scorecard is an assessment report that is given to every malware threat that has been collected and analyzed through our Malware Research Center. The ESL Threat Scorecard evaluates and ranks each threat by using several metrics such as trends, incidents and severity over time.

In addition to the effective scoring for each threat, we are able to interpret anonymous geographic data to list the top three countries infected with a particular threat. The data used for the ESL Threat Scorecard is updated daily and displayed based on trends for a 30-day period. The ESL Threat Scorecard is a useful tool for a wide array of computer users from end users seeking a solution to remove a particular threat or security experts pursuing analysis and research data on emerging threats.

Each of the fields listed on the ESL Threat Scorecard, containing a specific value, are as follows:

Ranking: The current ranking of a particular threat among all the other threats found on our malware research database.

Threat Level: The level of threat a particular computer threat could have on an infected computer. The threat level is based on a particular threat's behavior and other risk factors. We rate the threat level as low, medium or high. The different threat levels are discussed in the SpyHunter Risk Assessment Model.

Infected Computer: The number of confirmed and suspected cases of a particular threat detected on infected computers retrieved from diagnostic and scan log reports generated by SpyHunter's Spyware Scanner.

% Change: The daily percent change in the frequency of infected computers of a specific threat. The formula for percent changes results from current trends of a specific threat. An increase in the rankings of a specific threat yields a recalculation of the percentage of its recent gain. When a specific threat's ranking decreases, the percentage rate reflects its recent decline. For a specific threat remaining unchanged, the percent change remains in its current state. The % Change data is calculated and displayed in three different date ranges, in the last 24 hours, 7 days and 30 days. Next to the percentage change is the trend movement a specific malware threat does, either upward or downward, in the rankings. Each level of movement is color coded: a green up-arrow (∧) indicates a rise, a red down-arrow (∨) indicates a decline, and a brown equal symbol (=) indicates no change or plateaued.

Top 3 Countries Infected: Lists the top three countries a particular threat has targeted the most over the past month. This data allows computer users to track the geographic distribution of a particular threat throughout the world.
Ranking: N/A
Threat Level: 8
Infected Computers: 289