Thursday, November 6, 2008

KnightSeven Backdoor

Removing KnightSeven
Categories: Backdoor,RAT
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.


KnightSeven Also known as:

[Kaspersky]Backdoor.Knightseven.10;
[Panda]Backdoor Program;
[Computer Associates]Backdoor/Knightseven.1_0

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\sndctl32.cfg
[%WINDOWS%]\sndctl32.exe
[%WINDOWS%]\sndctl32.cfg
[%WINDOWS%]\sndctl32.exe

How to detect KnightSeven:

Files:
[%WINDOWS%]\sndctl32.cfg
[%WINDOWS%]\sndctl32.exe
[%WINDOWS%]\sndctl32.cfg
[%WINDOWS%]\sndctl32.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing KnightSeven:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

No comments: