Backdoor.Krademok
Posted: March 6, 2012
| Threat Level: | 6/10 |
|---|---|
| Infected PCs: | 29 |
| First Seen: | March 6, 2012 |
| OS(es) Affected: | Windows |
Backdoor.Krademok is a technical label for the Dark Comet Trojan, a backdoor Trojan that creates security vulnerabilities and installs other harmful files onto your PC. Criminals may use command servers to control your PC via Backdoor.Krademok, which can be exploited for generic attacks that include the ability to steal passwords and record webcam data. Other than initial pop-up windows, Backdoor.Krademok doesn't display many symptoms, and SpywareRemove.com malware researchers recommend using anti-malware scanners to detect and remove Backdoor.Krademok infections when necessary. Although Backdoor.Krademok was originally detected in December of 2011, Backdoor.Krademok can update itself, and you should likewise keep your security software updated to ensure that Backdoor.Krademok can be found and deleted without trouble.
Backdoor.Krademok – a Spy without Much to Give Itself Away to Your Sight
Backdoor.Krademok is advertised and sold to criminals as the Dark Comet RAT (or Remote Administration Tool) at its home site, and this allows its services to be used by many different sources, albeit for a hefty price tag. The malicious components of a Backdoor.Krademok program may also be detected by several aliases, such as Generic Backdoor.xa, Mal/Behav-058, Backdoor.Win32.Finlosky.b or Trojan.Win32.CDur. Like most types of backdoor Trojans, Backdoor.Krademok isn't inclined to give many symptoms of its attacks, although you may see some pop-up notifications during Backdoor.Krademok's initial installation. Backdoor.Krademok may also be detectable from Task Manager and other utilities that allow you to view active memory processes.
The infection or client side of Backdoor.Krademok can be updated to include other functions, but Backdoor.Krademok's default features include the following attacks, which SpywareRemove.com malware researchers rate as significant threats to your computer's security and privacy:
- Backdoor.Krademok may record your webcam feed.
- Backdoor.Krademok may steal account passwords through a variety of common spyware tactics, such as keylogging or scanning browser caches for personal information.
- Definitively, Backdoor.Krademok will create a backdoor on your PC that allows the aforementioned criminals to exert a limited amount of control. This can include letting criminals run malicious scripts, execute malicious files, initiate downloads or alter your Windows settings.
Why It's Not Necessary to Cower Under the Shadow of This Dark Comet
If left alone, Backdoor.Krademok can cause non-negligible damage to your computer, and SpywareRemove.com malware researchers always recommend that you remove Backdoor.Krademok and similar backdoor Trojans as soon as they're detected. However, due to its low distribution and the fact that Backdoor.Krademok can be removed easily by competent anti-malware programs, there's no need to panic if you do catch a Backdoor.Krademok infection.
Disabling all active PC threats via Safe Mode, a USB drive boot or other methods will allow you to scan your PC without interference from Backdoor.Krademok. Despite this, removing Backdoor.Krademok without any form of software-based aid isn't recommended, since Backdoor.Krademok may name its components after Windows files and will make alterations to your PC that are easiest to erase via appropriate security products. SpywareRemove.com malware researchers have noted that Backdoor.Krademok is strictly designed to attack Windows, although Backdoor.Krademok may affect most versions of that platform up to, at least, Windows XP and Vista.
Technical Details
File System Modifications
The following files were created in the system:
- File name: [RANDOM].exe
  File type: Executable File
  Mime Type: unknown/exe
  Group: Malware file
- File name: %Temp%\dclogs
  Group: Malware file
Registry Modifications
HKEY..\..\..\..{Subkeys}
- HKEY_CURRENT_USER\Software\DC3_FEXEC
- HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo
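A read-only check for the file and registry indicators listed above, as an added example that is not from SpywareRemove.com or SpyHunter. The function name Find-KrademokIndicator is hypothetical and the per-profile Temp locations assume the default Windows profile layout; because the page lists the msvideo keys as modifications, a hit on those is a lead to review rather than a verdict.

```powershell
# Indicators copied from the "Technical Details" section of this page.
$UserKey     = 'Software\DC3_FEXEC'
$MachineKeys = @(
    'HKLM:\SYSTEM\ControlSet001\Control\MediaResources\msvideo',
    'HKLM:\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo'
)
# Assumption: default per-user Temp locations (Vista and later, then XP).
$TempDirs    = @('AppData\Local\Temp', 'Local Settings\Temp')
$ProfileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

function Find-KrademokIndicator {   # hypothetical name, read-only checks
    $hits = @()

    # HKEY_CURRENT_USER only covers the account running the script, so test
    # the key in every hive currently loaded under HKEY_USERS instead.
    foreach ($hive in Get-ChildItem 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue) {
        $key = "Registry::HKEY_USERS\$($hive.PSChildName)\$UserKey"
        if (Test-Path -LiteralPath $key) {
            $hits += [pscustomobject]@{ Kind = 'Registry (per user)'; Location = $key }
        }
    }

    # The page lists these keys as modifications, so a hit needs review.
    foreach ($key in $MachineKeys) {
        if (Test-Path -LiteralPath $key) {
            $hits += [pscustomobject]@{ Kind = 'Registry (review)'; Location = $key }
        }
    }

    # %Temp%\dclogs is per user as well: check each profile on the machine.
    foreach ($p in Get-ChildItem $ProfileList -ErrorAction SilentlyContinue) {
        $root = (Get-ItemProperty -Path $p.PSPath -ErrorAction SilentlyContinue).ProfileImagePath
        if (-not $root) { continue }
        foreach ($rel in $TempDirs) {
            $logs = Join-Path (Join-Path $root $rel) 'dclogs'
            if (Test-Path -LiteralPath $logs) {
                $hits += [pscustomobject]@{ Kind = 'File system'; Location = $logs }
            }
        }
    }
    return $hits
}

$found = @(Find-KrademokIndicator)
if ($found.Count -eq 0) { 'No listed indicators found.' } else { $found | Format-Table -AutoSize }
```

Run it from an elevated prompt so other users' profile directories are readable; hives of users who are not logged on are not loaded under HKEY_USERS and are not covered by the per-user registry check.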