
Backdoor.Badpuck

Posted: February 10, 2011

Backdoor.Badpuck is a backdoor Trojan that enables anonymous criminals to access your computer. With this access, they may create more malware infections, steal your information, or perform other illegal and damaging acts. Backdoor.Badpuck has a low infection rate and isn't very widespread, but its potential for harm shouldn't be overlooked. Delete Backdoor.Badpuck the very moment you notice it on your machine, and be sure to restore any altered security settings to normal.

Putting a Frame of Reference on Backdoor.Badpuck

The Backdoor.Badpuck Trojan is a relatively simple and limited piece of malware, but this can make it more difficult for novices to detect. Although it creates various processes and files, Backdoor.Badpuck doesn't register any .dll files or change your registry. First reported in late 2010, Backdoor.Badpuck can target and infect many different versions of Windows, including very early ones such as Windows 95 and very modern ones like Windows 7.

You're not likely to see any plain and simple signs of Backdoor.Badpuck at work, and taking precautions to avoid infection in the first place is the best option. Checking your Task Manager for unusual processes or your hard drive for unusual files is the primary way of seeing Backdoor.Badpuck's presence. Good anti-virus software can also catch the Trojan with a quick scan, although rebooting into Safe Mode might be necessary to remove Backdoor.Badpuck fully.

The Skeleton Key to Your Machine

Backdoor.Badpuck only has one real purpose, and that's to permit a remote attacker to take over your computer. The hoops your computer may be made to jump through are only limited by the proficiency of the criminal on the other side, and as long as Backdoor.Badpuck remains, the vulnerability will always be there. Even if you notice few signs of disturbance on your system, privacy and system security are rendered null and void. This can be particularly dangerous for your account passwords, credit card numbers, and online financial information, which may be stolen by the remote hacker.

Although few symptoms are hard-linked to Backdoor.Badpuck specifically, you may want to keep an eye open for some of these traits being exhibited:

  • Altered port settings, especially in the case of ports being opened that were previously closed.
  • Disabled central computer-maintenance software, such as anti-malware scanners, Search, or Task Manager.
  • A slow or unresponsive system. This may be caused by the remote attacker using your system resources for malicious purposes.
  • Your computer behaving as though 'possessed,' with mouse cursors moving on their own, typing appearing on the screen without your keyboard input, or the unauthorized use of peripherals such as printers.

Even if you don't experience these kinds of problems, not removing Backdoor.Badpuck will allow remote attackers to do what they will with your machine, regardless of your wishes. Exterminate Backdoor.Badpuck promptly and with the suitable tools and you should have few problems in the future.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %CurrentFolder%\iexplorer.exe
    2 %CurrentFolder%\load.exe
    3 %CurrentFolder%\stsdll.exe
    4 %CurrentFolder%\version.exe

Registry Modifications

  • The following Registry values were newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"
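
The file and Run-key indicators listed above can be turned into a triage check. The following is an added example, not part of the original write-up: it flags folders that hold several of the four file names together and Run entries whose command launches one of them. The function names, the sample data in demo(), and the assumption that a Run value points at one of the listed files are illustrative and do not come from the page.

```python
import os
import re
import tempfile

# File names from the "File System Modifications" list on this page.
BADPUCK_NAMES = {"iexplorer.exe", "load.exe", "stsdll.exe", "version.exe"}
_NAME_RE = re.compile(r'(?:^|[\\/"])(' + "|".join(map(re.escape, sorted(BADPUCK_NAMES)))
                      + r')(?=["\s]|$)', re.IGNORECASE)


def find_colocated(root, min_hits=2):
    """Map folders under root to the listed names they contain (>= min_hits).
    load.exe or version.exe alone is generic; several side by side is stronger."""
    findings = {}
    for folder, _dirs, files in os.walk(root):
        hits = sorted({f.lower() for f in files} & BADPUCK_NAMES)
        if len(hits) >= min_hits:
            findings[folder] = hits
    return findings


def flag_run_values(run_values):
    """run_values: {value name: command line} exported from a Run key.
    Value names are random, so match the command's file name instead.
    Assumption (not stated on the page): the value launches a listed file."""
    flagged = {}
    for name, command in run_values.items():
        match = _NAME_RE.search(command)
        if match:
            flagged[name] = match.group(1).lower()
    return flagged


def demo():
    """Run both checks on constructed sample data (not from a real infection)."""
    with tempfile.TemporaryDirectory() as root:
        layout = {"drop": ["IExplorer.EXE", "load.exe", "stsdll.exe"],
                  "tools": ["version.exe", "readme.txt"]}
        for sub, names in layout.items():
            os.makedirs(os.path.join(root, sub))
            for n in names:
                open(os.path.join(root, sub, n), "w").close()
        files = {os.path.basename(k): v for k, v in find_colocated(root).items()}
    runs = flag_run_values({
        "xkqzpt": r'"C:\Users\a\Downloads\stsdll.exe" -s',
        "Updater": r"C:\tools\download.exe",
        "IE": r"C:\Program Files\Internet Explorer\iexplore.exe",
    })
    return files, runs
```

A hit from either function is a lead for a full anti-virus scan, not a verdict: the names are matched case-insensitively and only as whole file names, so `download.exe` and the legitimate `iexplore.exe` are not flagged.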