How to remove “Backdoor.Bot.141265”?

Backdoor.Bot.141265 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Bot.141265 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Injection with CreateRemoteThread in a remote process
  • Creates RWX memory
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Code injection with CreateRemoteThread in a remote process
  • Installs itself for autorun at Windows startup
  • Checks the version of Bios, possibly for anti-virtualization
  • Creates known Poison Ivy mutexes
  • Collects information to fingerprint the system

Related domains:

msnmsnmsgr.no-ip.biz

How to identify Backdoor.Bot.141265?

File Info:

crc32: ED4CE7F5
md5: 4eb84b47860013cd4ad2ab730b3c90ad
name: 4EB84B47860013CD4AD2AB730B3C90AD.mlw
sha1: 73ba6331a5ee34f104b6731b8364cafba91d73da
sha256: df741f84d98dc0916402bd24f26426a575f944f52915271233c4cf9161b5aed9
sha512: 2290d580a6cf0702ab798ae18f6d2dd3d706689f8d6c244fb55ead20e690dc9ac3f153b747dc1bd71d4e7334a3c6479dde653ff045f7ef027a7d8e3adb80c031
ssdeep: 12288:kxpz4TolPke11PbUcqcyylNoJSKT4Cw5ZqDrqKgA96MmAgjVX:kxF40pkW1j5LyylNoJSpCi4p96Mup
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Backdoor.Bot.141265 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.DsBot.m!c
Elastic: malicious (high confidence)
DrWeb: BackDoor.Bifrost.20639
ClamAV: Win.Trojan.Agent-996312
ALYac: Backdoor.Bot.141265
Cylance: Unsafe
Zillya: Backdoor.DsBot.Win32.19392
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Trojan:Win32/PrivateexeProtector.4bf0293b
K7GW: Trojan ( 0055e39b1 )
K7AntiVirus: Trojan ( 0055e39b1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.PrivateEXEProtector.F suspicious
APEX: Malicious
Avast: Win32:Dropper-HKL [Drp]
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Backdoor.Bot.141265
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
MicroWorld-eScan: Backdoor.Bot.141265
Tencent: Malware.Win32.Gencirc.112a8809
Ad-Aware: Backdoor.Bot.141265
Sophos: ML/PE-A
Comodo: Malware@#1rbgx27fa7xc6
BitDefenderTheta: Gen:NN.ZexaF.34170.NqY@aiKB0Vbi
VIPRE: Trojan.Win32.Generic.pak!cobra
McAfee-GW-Edition: BehavesLike.Win32.Generic.jc
FireEye: Generic.mg.4eb84b47860013cd
Emsisoft: Backdoor.Bot.141265 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Backdoor/DsBot.cmy
Webroot: W32.Dsbot.Gen
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.19975
Microsoft: Trojan:Win32/Occamy.C
GData: Backdoor.Bot.141265
TACHYON: Backdoor/W32.DsBot.642602
AhnLab-V3: Backdoor/Win32.DsBot.C88058
Acronis: suspicious
McAfee: GenericR-DOW!4EB84B478600
MAX: malware (ai score=100)
VBA32: Trojan.Wacatac
Malwarebytes: Malware.AI.2624889440
Panda: Trj/Genetic.gen
Rising: Trojan.Generic@ML.100 (RDML:MYz9iecpwEtIt//wdrSbtw)
Yandex: Backdoor.DsBot!yv6pV/2HT20
Ikarus: Trojan.Win32.Llac
MaxSecure: Trojan.Malware.2343848.susgen
Fortinet: W32/DsBot.HWQ!tr.bdr
AVG: Win32:Dropper-HKL [Drp]

How to remove Backdoor.Bot.141265?

Backdoor.Bot.141265 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
