Home Malware Programs Backdoors Backdoor.Gspy.A

Backdoor.Gspy.A

Posted: January 25, 2012

Threat Metric

Threat Level: 6/10
Infected PCs: 232
First Seen: December 27, 2011
Last Seen: November 21, 2020
OS(es) Affected: Windows

Backdoor.Gspy.A is a malicious backdoor Trojan infection that infiltrates into your computer system without your permission and knowledge and then attempts to steal private details such as your banking data and various others logins and/or passwords. Backdoor.Gspy.A reduces the security level of your PC system in order to allow attackers to gain remote access and control over your computer without you even knowing about it. Backdoor.Gspy.A is is difficult to detect if you are not a computer expert, because it does not have an interface nor does it show annoying pop-up messages. However, the existence of the certain process files in the Task Manager is the best evidence of Backdoor.Gspy.A. Backdoor.Gspy.A always runs in the background of your system, because upon the installation it modifies the registry by adding a RUN key so that it can run automatically every time you start your computer. Backdoor.Gspy.A also corrupts several legitimate processes in order to evade detection by security software. Backdoor.Gspy.A is able to delete files, change system settings and download arbitrary files that usually include other types of malware threats. In order to download and execute the said files Backdoor.Gspy.A connects to remote Russian websites. To protect your PC from damage, find a reputable anti-malware tool to completely remove Backdoor.Gspy.A.

Aliases

BackDoor.Generic15.NTZ [AVG]W32/BackDoor.1GT!tr [Fortinet]Win-Trojan/Gspy.111616 [AhnLab-V3]BDS/GSpy.A.61 [AntiVir]Backdoor.Generic.705834 [BitDefender]Trojan-Dropper.Win32.Injector.cwcu [Kaspersky]a variant of Win32/Kryptik.ABNX [NOD32]Generic BackDoor!1gt [McAfee]TrojanDropper.Injector.cwcu [CAT-QuickHeal]Dropper.Generic4.CJIX [AVG]BDS/GSpy.A.6 [AntiVir]Trojan.Inject.57971 [DrWeb]Trojan.Generic.KDV.441331 [BitDefender]Trojan-Dropper.Win32.Injector.aahv [Kaspersky]a variant of Win32/Kryptik.WAF [NOD32]
More aliases (302)

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Backdoor.Gspy.A may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%WINDIR%\system32\htBCSvc32.exe File name: htBCSvc32.exe
Size: 1.89 MB (1890304 bytes)
MD5: ca12b34694feea88a8056cabd73258f6
Detection count: 84
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\
Group: Malware file
Last Updated: January 1, 2012
%WINDIR%\ckazo.exe File name: ckazo.exe
Size: 119.29 KB (119296 bytes)
MD5: c5f7eb582b54d2e893276a1725e504e5
Detection count: 62
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\
Group: Malware file
Last Updated: February 13, 2012
%WINDIR%\lmjwl.exe File name: lmjwl.exe
Size: 118.78 KB (118784 bytes)
MD5: e2ff48c54a6d7e0bff237b7b03b7a13a
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\
Group: Malware file
Last Updated: April 27, 2012
%WINDIR%\usmme.exe File name: usmme.exe
Size: 131.07 KB (131072 bytes)
MD5: 8bf08b9eef967da31722c215acc4b87f
Detection count: 45
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\
Group: Malware file
Last Updated: January 16, 2012
%ALLUSERSPROFILE%\mshtune.exe File name: mshtune.exe
Size: 122.88 KB (122880 bytes)
MD5: 24859fe4971fe4e6fd496d513e75fd70
Detection count: 44
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: January 1, 2012
%PROGRAMFILES%\Messenger\msmsgs.exe File name: msmsgs.exe
Size: 1.1 MB (1105412 bytes)
MD5: 6a1365083f768e50d134218890d5d6c4
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Messenger\
Group: Malware file
Last Updated: January 1, 2012
%WINDIR%\system32\NUSB3w32.dll File name: NUSB3w32.dll
Size: 157.18 KB (157184 bytes)
MD5: d00f284ec2cdb0ed59db00dcb7b00fbf
Detection count: 14
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\system32\
Group: Malware file
Last Updated: January 1, 2012
%ALLUSERSPROFILE%\ciohb.exe File name: ciohb.exe
Size: 118.78 KB (118784 bytes)
MD5: af19f2e7b32484c29ebb78178bbbea74
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: February 6, 2012
%WINDIR%\System32\appmgmts.dll File name: appmgmts.dll
Size: 83.11 KB (83112 bytes)
MD5: 67e0da396b8cc5b479db96d7e46ae016
Detection count: 12
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\System32\
Group: Malware file
Last Updated: March 8, 2012
%PROGRAMFILES%\RealtekAudioDriver\audiodrvx.exe File name: audiodrvx.exe
Size: 1.44 MB (1444864 bytes)
MD5: 0f3e99946f676bb3e191a599890298fa
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\RealtekAudioDriver\
Group: Malware file
Last Updated: January 1, 2012
Anti-Malware.exe File name: Anti-Malware.exe
Size: 44.54 KB (44544 bytes)
MD5: 53486bf93b2e14b8173a02f5423873fb
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 1, 2012
%ALLUSERSPROFILE%\ozzok.exe File name: ozzok.exe
Size: 119.8 KB (119808 bytes)
MD5: 5faa7090b955aa3b1f36f8d3b76b2e1d
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: January 30, 2012
%WINDIR%\gsmej.exe File name: gsmej.exe
Size: 114.17 KB (114176 bytes)
MD5: 62017e70d3f8ef4f9d0119dfa801d4f1
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\
Group: Malware file
Last Updated: January 23, 2013
%ALLUSERSPROFILE%\depzk.exe File name: depzk.exe
Size: 133.63 KB (133632 bytes)
MD5: 8e0bdc022352d70464b5732a82b91c24
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 6, 2013
%ALLUSERSPROFILE%\saaxh.exe File name: saaxh.exe
Size: 111.61 KB (111616 bytes)
MD5: 1a2ba21b0bc9bbdcc49c46c79aadd5dc
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 6, 2013
%WINDIR%\rndbs.exe File name: rndbs.exe
Size: 71.79 KB (71798 bytes)
MD5: 93d9e505723fceee6333e366fb16cf13
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\
Group: Malware file
Last Updated: January 1, 2012
%ALLUSERSPROFILE%\xhygu.exe File name: xhygu.exe
Size: 114.68 KB (114688 bytes)
MD5: ac1202cfecd7108abded035a852c2fa1
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: February 8, 2012
%ALLUSERSPROFILE%\qdlrj.exe File name: qdlrj.exe
Size: 118.27 KB (118272 bytes)
MD5: 8319605f9c49e058a7eca47f65848c47
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: June 6, 2012
%ALLUSERSPROFILE%\vluge.exe File name: vluge.exe
Size: 118.27 KB (118272 bytes)
MD5: e9a0146f30875831996daecf97371b67
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: January 30, 2012
%ALLUSERSPROFILE%\vlopq.exe File name: vlopq.exe
Size: 113.66 KB (113664 bytes)
MD5: 57c69b71c6dcbbac337861087cd1d5e3
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: October 15, 2012
%WINDIR%\qreys.exe File name: qreys.exe
Size: 116.22 KB (116224 bytes)
MD5: 9b10e4c69d716cb01aa0599829441768
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\
Group: Malware file
Last Updated: February 25, 2013
53499.exe File name: 53499.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Anti-Malware.exe File name: Anti-Malware.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
qrvzd.exe File name: qrvzd.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
pdf_converter.exe File name: pdf_converter.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
waada.exe File name: waada.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Svchost.exe File name: Svchost.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
_ex-68.exe File name: _ex-68.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file