Gen.Backdoor Description
Gen.Backdoor is a backdoor trojan that rapidly copies itself onto the targeted computer system through network exploits. It proliferates through network shares and enables a hacker to gain access to your computer. Gen.Backdoor displays security threat messages declaring that your computer is seriously infected. Gen.Backdoor creates a start-up registry entry so that it runs automatically every time Windows starts. Gen.Backdoor is a serious threat to the security of your personal and financial information, and it is advised to delete it immediately.
Aliases:
Worm/Autoit.AYWI [AVG], W32/Autoit_IK.gen [Fortinet], Worm.Win32.AutoIt [Ikarus], Trojan/Win32.Chifrax.gen [Antiy-AVL], UDS:DangerousObject.Multi.Generic [Kaspersky], TROJ_GEN.RCBH1LG, Win32/Autoit.IK.Gen, Backdoor/Poison.evja, Artemis!984673854366 [McAfee], BackDoor.Generic16.ALDF [AVG], TROJ_SPNR.14BB13 [TrendMicro], TR/Virtool.DelfInject.1299 [AntiVir], Trojan.Injector!cA8MKYYEBE8, TROJ_GEN.RCBB1AU and Suspicious_Gen4.CDNPV.
Technical Information
File System Details
Gen.Backdoor creates the following file(s):
Site Disclaimer
Enigmasoftware.com is not associated with, affiliated with, sponsored by or owned by the malware creators or distributors mentioned in this article. This article should NOT be mistaken for, or confused as being associated in any way with, the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided in this article.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.