Trojan:Win32/Danmec.gen!E

Posted: March 8, 2011

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	8/10
Infected PCs:	831

First Seen:	November 30, 2010
OS(es) Affected:	Windows

Trojans like Trojan:Win32/Danmec.gen!E are known for attacking PC security applications and settings, thereafter downloading other malware onto the infected computer. Most Trojans like Trojan:Win32/Danmec.gen!E will run in a concealed manner that prevents the user from acting on their presence until more obvious malware is installed; some Trojans imitate Windows system alerts in the process of malware drops while others drop the malicious software completely silently. Computers attacked by Trojan:Win32/Danmec.gen!E may also be vulnerable to keylogging and other behavior that puts passwords and similar private information at risk.

Where Trojan:Win32/Danmec.gen!E Came From and How It Got to You

Trojan:Win32/Danmec.gen!E has been known as a PC threat since late 2009, and may be used as an alias for a number of different minor malware variants. Some Trojan:Win32/Danmec.gen!E aliases include worms, which can spread through abusing network-shared resources and removable drives; you should assume any Trojan:Win32/Danmec.gen!E infection is able to do this until you've confirmed otherwise, to minimize the chance of infecting other machines.

The majority of Trojan:Win32/Danmec.gen!E infections, however, are simple Trojans that are unable to self-copy or append themselves onto other files. These types of Trojan:Win32/Danmec.gen!E will usually infect a computer by way of a user who downloads a misleading executable file or visits a dangerous website.

PCs with a Trojan:Win32/Danmec.gen!E infection are primarily at risk for attacks like these:

Keylogging and other behavior that records and transmits confidential data to remote criminals. Keylogging records all keystrokes from your keyboard into a log for later perusal by criminals, and there may be no obvious evidence of this activity even while it's happening. All typed and stored data are at risk when a keylogger or other form of spyware infects a computer.
Disabled security applications. Common tools like Task Manager, Control Panel, or anti-virus scanners may crash with or without erroneous infection messages. Commonly, this is one of the first things a Trojan like Trojan:Win32/Danmec.gen!E does to halt any possibility of deletion. This may also open your computer up to dangers from remote attackers in the case of backdoor Trojans.
Settings that are changed on your web browsers or other applications without any clear purpose. Typical examples include a homepage changed to a dangerous one and the enabling of proxy server use so that the Trojan can hijack your browser.
The appearance of new folders, files, or memory processes. This is the primary symptom of any Trojan, since infections like Trojan:Win32/Danmec.gen!E are coded to download and install other types of malware that may be more damaging or intrusive.

A Straightforward Solution to Trojan:Win32/Danmec.gen!E's Complex Problem

Removing Trojan:Win32/Danmec.gen!E and similar Trojans is a time-critical affair because waiting allows the malware infections to proliferate. Once you've acquired the right anti-malware applications and are sure they're updated, reboot your computer in Safe Mode to minimize the possibility of active malware. Safe Mode is accessible in any Windows system by tapping F8 after the system has started loading, but before Windows has begun to load.

Removing Trojan:Win32/Danmec.gen!E will be an easy job for these applications in most cases, if you've stopped the malware from running to hinder the process. The faster you do this, the less time other malware has to complicate matters, so be speedy in removing Trojan:Win32/Danmec.gen!E for a happy and healthy computer.

Trojan:Win32/Danmec.gen!E

Aliases

Agent3.RJD [AVG]TR/Danmec.E.3 [AntiVir]BackDoor.uBot.37 [DrWeb]Gen:Trojan.Heur.JP.dq0@aGpqKDkc [BitDefender]HEUR:Worm.Win32.Generic [Kaspersky]Artemis!9372DD523784 [McAfee]Agent2.BFOL [AVG]BackDoor.uBot.26 [DrWeb]Agent2.CBMP [AVG]Malware/Win32.Suspicious [AhnLab-V3]Heuristic.BehavesLike.Win32.Backdoor.H [McAfee-GW-Edition]TR/Danmec.64512.E.1 [AntiVir]BackDoor.uBot.31 [DrWeb]Win32.Asprox.Pak [eSafe]Adware.Purityscan [Symantec]
More aliases (117)

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%WINDIR%\system32\aspimgr.exe

File name: aspimgr.exe
Size: 64 KB (64000 bytes)
MD5: 9372dd52378432fd8b3311314423e079
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: July 8, 2011

%WINDIR%\system32\system.exe

File name: system.exe
Size: 29.69 KB (29696 bytes)
MD5: 0faa2c10ddf06c1ea9c72fb6fb340baf
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: December 7, 2010

More files

Trojan:Win32/Danmec.gen!E

Threat Metric

Where Trojan:Win32/Danmec.gen!E Came From and How It Got to You

A Straightforward Solution to Trojan:Win32/Danmec.gen!E's Complex Problem

Trojan:Win32/Danmec.gen!E

Aliases

Technical Details

File System Modifications

Leave a Reply