Danger level 7
Type: Trojans
Common infection symptoms:
  • Connects to the internet without permission
  • Installs itself without permissions
  • Slow Computer
  • Slow internet connection
  • System crashes
Other mutations known as:
Backdoor.Winnti.B

Backdoor.Winnti

Backdoor.Winnti is a Trojan with backdoor functionality that allows remote access to and control of the target computer. It was first detected in October 2011 and can affect systems running 32-bit or 64-bit Windows, including Windows XP, Windows Vista, Windows 7 and others. It might take some time before users become aware that their computer has been compromised by Backdoor.Winnti, and before that happens the backdoor Trojan can cause a lot of damage.

Backdoor.Winnti usually enters the target computer disguised as a PDF file, exploiting an Adobe Reader vulnerability known as the "CoolType.dll" TTF Font Remote Code Execution Vulnerability. If the user has installed the latest updates for Adobe Reader, this vulnerability should be fixed, but many users deliberately turn off the update reminder, and unpatched bugs leave their computers vulnerable to outside threats such as Backdoor.Winnti.

After installation, Backdoor.Winnti is configured to start automatically with Windows. Once the system has booted, it connects to lp.apanku.com, b0t.meibu.com, ad.jcrsoft.com, bot.timewalk.me and other servers to receive configuration data from the attacker behind the infection. Because Backdoor.Winnti's behavior depends on what the attacker wants it to do, there is a whole list of actions this Trojan is known for.

For example, Backdoor.Winnti can create random files, hijack processes in order to stay hidden from security products, set up and delete user accounts, kill the Windows firewall, and send the infected system's information to the attacker behind it. With Backdoor.Winnti, cyber criminals can easily find out what kind of operating system you are using. The list of your drives, host name, product ID, CPU, processor name and other important system information can also be obtained via Backdoor.Winnti.

Therefore, the sooner you remove Backdoor.Winnti from your computer the better. If you are not confident about deleting the Trojan's files on your own, choose automatic removal and erase Backdoor.Winnti with a computer security program of your choice. Get rid of this backdoor Trojan and all the related malware before your system crashes.
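To check whether a machine on your network has contacted the servers named above, the following added example (not part of the original write-up) scans DNS query log lines for those four hostnames and groups the hits by client. The log format, the sample lines and the function names are assumptions made for illustration; the write-up says other servers exist, so an empty result does not rule out infection.

```python
from collections import defaultdict

# Hostnames named in the write-up above; it says there are others,
# so this list is not exhaustive.
C2_HOSTS = frozenset({
    "lp.apanku.com", "b0t.meibu.com",
    "ad.jcrsoft.com", "bot.timewalk.me",
})

# Constructed sample lines, assumed format: "<timestamp> <client> <qtype> <qname>"
SAMPLE_LOG = """\
2024-01-01T09:00:01Z 10.0.0.23 A LP.Apanku.com.
2024-01-01T09:00:02Z 10.0.0.41 A www.example.org.
2024-01-01T09:00:05Z 10.0.0.23 A bot.timewalk.me
2024-01-01T09:00:07Z 10.0.0.57 A robot.timewalk.me.
2024-01-01T09:00:09Z 10.0.0.41 AAAA cfg.b0t.meibu.com.
malformed line
"""

def normalize(qname):
    """Lower-case and strip the trailing root dot so comparisons are exact."""
    return qname.strip().rstrip(".").lower()

def matched_host(qname):
    """Return the listed host that qname equals or is a subdomain of, else None."""
    name = normalize(qname)
    for host in C2_HOSTS:
        # Compare on a label boundary so "robot.timewalk.me" does not match.
        if name == host or name.endswith("." + host):
            return host
    return None

def find_hits(log_text):
    """Map each client address to the sorted list of listed hosts it queried."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not fit the assumed format
        _ts, client, _qtype, qname = fields
        host = matched_host(qname)
        if host:
            hits[client].add(host)
    return {client: sorted(hosts) for client, hosts in hits.items()}

if __name__ == "__main__":
    for client, hosts in sorted(find_hits(SAMPLE_LOG).items()):
        print(client, "->", ", ".join(hosts))
```

Parent domains such as jcrsoft.com are deliberately not matched, because the write-up names only the specific hostnames.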


How to manually remove Backdoor.Winnti

Files associated with Backdoor.Winnti infection:

Backdoor.Winnti DLLs to remove:
