Home Malware Programs Backdoors Backdoor.Evilbot.A


Posted: December 9, 2009

Backdoor.Evilbot.A is a malicious Trojan that injects rootkit components into Windows processes to avoid detection. Backdoor.Evilbot.A can make changes to Windows Explorer settings and download other malicious files from external servers. Backdoor.Evilbot.A monitors user activities to obtain valuable information, specifically username and password information. Backdoor.Evilbot.A is a dangerous threat to any computer and should be removed immediately.


Backdoor.Win32.Evilbot.a (Kaspersky Lab)
BackDoor-OG (McAfee)
BKDR_EVILBOT.A (Trend Micro)
Troj/EvilBot-C (Sophos)
Backdoor:IRC/Evilbot (Microsoft)
Win-Trojan/Evilbot.15904 (AhnLab)

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Windir%\WinRun2.exe

Registry Modifications

  • The following newly produced Registry Values are: