Monday, November 17, 2008

Dominador Backdoor

Removing Dominador
Categories: Backdoor,RAT
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\system\kernel32.exe
[%WINDOWS%]\system\kernel32.exe

How to detect Dominador:

Files:
[%WINDOWS%]\system\kernel32.exe
[%WINDOWS%]\system\kernel32.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices

Removing Dominador:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Look2Me Hijacker
Removing Small.atx Downloader

No comments: