Saturday, November 8, 2008

Ping.Door Backdoor

Removing Ping.Door
Categories: Backdoor,RAT
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

Ping.Door Also known as:

[Kaspersky]Backdoor.Liondoor.04,Backdoor.Pingdoor.041;
[McAfee]BackDoor-AOG;
[F-Prot]security risk or a "backdoor" program;
[Panda]Backdoor Program,Bck/Pingdoor.041;
[Computer Associates]Backdoor/Liondoor.04!Server,Backdoor/Pingdoor.041!Server
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\exul2.exe
[%SYSTEM%]\icsxml\mset_bbi8010.dll
[%SYSTEM%]\icsxml\mset_bbi80101.dll
[%SYSTEM%]\mset_bbi8010.dll
[%SYSTEM%]\mset_bbi80101.dll
[%WINDOWS%]\bargain3.exe
[%SYSTEM%]\exul2.exe
[%SYSTEM%]\icsxml\mset_bbi8010.dll
[%SYSTEM%]\icsxml\mset_bbi80101.dll
[%SYSTEM%]\mset_bbi8010.dll
[%SYSTEM%]\mset_bbi80101.dll
[%WINDOWS%]\bargain3.exe

How to detect Ping.Door:

Files:
[%SYSTEM%]\exul2.exe
[%SYSTEM%]\icsxml\mset_bbi8010.dll
[%SYSTEM%]\icsxml\mset_bbi80101.dll
[%SYSTEM%]\mset_bbi8010.dll
[%SYSTEM%]\mset_bbi80101.dll
[%WINDOWS%]\bargain3.exe
[%SYSTEM%]\exul2.exe
[%SYSTEM%]\icsxml\mset_bbi8010.dll
[%SYSTEM%]\icsxml\mset_bbi80101.dll
[%SYSTEM%]\mset_bbi8010.dll
[%SYSTEM%]\mset_bbi80101.dll
[%WINDOWS%]\bargain3.exe

Folders:
[%PROGRAM_FILES%]\bargain buddy

Registry Keys:
HKEY_CLASSES_ROOT\interface\{8eee58d5-130e-4cbd-9c83-35a0564e5678}
HKEY_CLASSES_ROOT\interface\{c6906a23-4717-4e1f-b6fd-f06ebed15678}
HKEY_CLASSES_ROOT\typelib\{4eb7bbe8-2e15-424b-9ddb-2cdb9516b2c3}
HKEY_CLASSES_ROOT\typelib\{4eb7bbe8-2e15-424b-9ddb-2cdb9516e2a3}

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Removing Ping.Door:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)