Home Malware Programs Backdoors Backdoor.Eminoc


Posted: December 2, 2011

Threat Metric

Threat Level: 8/10
Infected PCs: 74
First Seen: December 2, 2011
OS(es) Affected: Windows

Backdoor.Eminoc is a damaging backdoor Trojan that opens a back door on the affected PC. Backdoor.Eminoc collects system information and takes screenshots. When Backdoor.Eminoc is executed, it makes changes to system settings, for example, downloads and executes files. Backdoor.Eminoc also injects itself into Internet Explorer. Backdoor.Eminoc will change the DNS addresses in order to avoid blocking its C&C domains. Backdoor.Eminoc allows the attacker to execute numerous malicious actions. Backdoor.Eminoc updates or uninstalls itself and restarts or shut downs the compromised PC. Backdoor.Eminoc may also connect to certain malicious domains. You should remove Backdoor.Eminoc immediately after detection.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%Windir%\System32\conime.exe (Backdoor.Eminoc!inf) File name: %Windir%\System32\conime.exe (Backdoor.Eminoc!inf)
Mime Type: unknown/Eminoc!inf)
Group: Malware file
%Windir%\System32\Eminoc_bd.dll File name: %Windir%\System32\Eminoc_bd.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file