Archive | Backdoors

Backdoor.UltimateDefender Removal, Uninstall Backdoor.UltimateDefender


What does Backdoor.UltimateDefender do?

Backdoor.UltimateDefender is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user’s knowledge. Backdoor.UltimateDefender compromises system integrity by making changes to the system that allow it to be used by the attacker for malicious purposes unknown to the user.

Backdoor.Win32.UltimateDefender is known to be created as the following files:

%System%\beep.sys
%System%\dllcache\beep.sys
%System%\dllcache\figaro.sys

Other Names of Backdoor.UltimateDefender

  • VirTool:WinNT/Xantvi.gen!A [Microsoft]
  • Mal/FakeAle-C [Sophos]
  • Hacktool.Rootkit [Symantec]
  • Rootkit.Renos.Gen.11 [PC Tools]
  • NTRootKit-AC [McAfee]
  • FakeAlert-C.dr [McAfee]
  • Adware.Agent.ZO [PC Tools]
  • not-a-virus:.FraudTool.Win32.UltimateDefender.cm [Ikarus]
  • Trojan.Virantix.C [Symantec]
  • not-a-virus:FraudTool.Win32.UltimateDefender.cm [Kaspersky Lab]
  • Troj/KillAV-EM [Sophos]
  • TROJ_ROOTKIT.CY [Trend Micro]
  • VirTool:WinNT/Xantvi.A [Microsoft]
  • Troj/Agent-HHC [Sophos]
  • TROJ_RENOS.AKQ [Trend Micro]
  • Hacktool.Rootkit!sd6 [PC Tools]
  • Backdoor.UltimateDefender!sd6 [PC Tools]
  • Backdoor.Win32.Small.gjm [Kaspersky Lab]
  • Downloader.MisleadApp [Symantec]
  • not-a-virus:Downloader.Win32.Agent.bs [Kaspersky Lab]
  • Troj/FakeAle-DQ [Sophos]
  • TROJ_VIRANTIX.BP [Trend Micro]
  • TROJ_VIRANTIX.C [Trend Micro]
  • Trojan-Dropper.Win32.Agent.xsb [Kaspersky Lab]

Recommendation:

If you find any trace of Backdoor.UltimateDefender on your system, we suggest you take immediate steps to detect and remove it.


Win32.Backdoor.Eklips Removal, Uninstall Win32.Backdoor.Eklips


What does Win32.Backdoor.Eklips do?

“Trojan.Backdoor.Eklips” is a detection for a group of Trojan Backdoor files.
Trojan horses pretend to be useful applications and hide their malicious intent from the user.
Furthermore, Backdoors are malicious programs which typically open a port on a victim’s system and allow the attacker to access and control the computer remotely.
Backdoors typically do not self-replicate.

Recommendation:

If you find any trace of Win32.Backdoor.Eklips on your system, we suggest you take immediate steps to detect and remove it.


Win32.Backdoor.Beasty Removal, Uninstall Win32.Backdoor.Beasty


What does Win32.Backdoor.Beasty do?

Backdoor.Beastdoor embeds itself into explorer.exe and iexplore.exe, so it can run without the user noticing. This trojan behaves as a backdoor which can be configured to disable firewalls and AV applications. Once run, it allows an attacker to gain access to and control over the infected machine. This trojan is also capable of sending notifications to the attacker via email and ICQ.

When Backdoor.Beasty.E is executed, it does the following:

  1. Copies itself as these files:
    • %Windows%\Svchost.exe
    • %System%\Wbem\Wb.com
    • %System%\Com\Mscom32.com
  2. Creates the registry key:
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{45DD0432-AA51-31EF-EEFA-06AA12E6115C}\StubPath = %System%\wbem\wb.com
  3. Adds the value:
    • COM Service %System%\COM\mscom32.com
    to the registry key:
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  4. May add the value, shell32.pif, to the following registry keys:
    • HKEY_CLASSES_ROOT\comfile\shell\open\command
    • HKEY_CLASSES_ROOT\exefile\shell\open\command
    • HKEY_CLASSES_ROOT\piffile\shell\open\command
    so that the Trojan is executed each time you execute a .com, .exe, or .pif file.
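The registry changes listed above can be checked offline against a `reg export` style dump. This is an added example, not code from the original page; the function names, the sample export and the `shell32.pif "%1" %*` command string are constructed for illustration, and `"%1" %*` is assumed as the stock Windows handler for .com, .exe and .pif files.

```python
import re

# Indicators from the Backdoor.Beasty.E steps above, lower-cased for matching.
ACTIVE_SETUP = (r"hkey_local_machine\software\microsoft\active setup"
                r"\installed components\{45dd0432-aa51-31ef-eefa-06aa12e6115c}")
POLICIES = r"hkey_current_user\software\microsoft\windows\currentversion\policies\explorer"
HANDLERS = ("comfile", "exefile", "piffile")
CLEAN_HANDLER = '"%1" %*'  # assumed stock default command for these file types

def _unescape(s):
    return re.sub(r"\\(.)", r"\1", s)  # .reg strings escape \ and " with a backslash

def parse_reg(text):
    """Return {key_lower: {value_name_lower: data}}; '@' is the key's default value."""
    keys, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
            continue
        m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if current is None or not m:
            continue
        name, data = m.groups()
        name = name if name == "@" else _unescape(name[1:-1])
        if len(data) >= 2 and data[0] == data[-1] == '"':  # REG_SZ; other types stay raw
            data = _unescape(data[1:-1])
        current[name.lower()] = data
    return keys

def find_beasty(text):
    """List (indicator, data) pairs for the persistence points named on the page."""
    reg, hits = parse_reg(text), []
    for label, key, value in (("active-setup", ACTIVE_SETUP, "stubpath"),
                              ("policies-explorer", POLICIES, "com service")):
        if value in reg.get(key, {}):
            hits.append((label, reg[key][value]))
    for ftype in HANDLERS:
        cmd = reg.get("hkey_classes_root\\%s\\shell\\open\\command" % ftype, {}).get("@")
        if cmd is not None and cmd.strip() != CLEAN_HANDLER:  # anything prepended is a hijack
            hits.append(("shell-open-hijack:" + ftype, cmd))
    return hits

# Constructed sample export (not taken from a real host).
SAMPLE = r'''[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{45DD0432-AA51-31EF-EEFA-06AA12E6115C}]
"StubPath"="C:\\WINDOWS\\system32\\wbem\\wb.com"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="shell32.pif \"%1\" %*"
[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"
'''
```

Calling `find_beasty(SAMPLE)` reports the Active Setup entry and the hijacked exefile handler, and leaves the unmodified comfile handler alone.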

Other Names of Win32.Backdoor.Beasty

  • Backdoor.Beastdoor.HF [PCTools]
  • Backdoor.Beasty.G [Symantec]
  • Backdoor.Win32.Beastdoor.av [Kaspersky Lab]
  • BackDoor-AMQ [McAfee]
  • BKDR_BEASTDOOR.D [Trend Micro]

Recommendation:

If you find any trace of Win32.Backdoor.Beasty on your system, we suggest you take immediate steps to detect and remove it.
