Know Your Malware; Dasher.d Removal

Dasher.d is an Internet worm that infects vulnerable remote computers running the Microsoft Windows operating system with unpatched security flaws. The infection process does not require any user interaction. Once installed, Dasher.d runs a spreading routine. Then it opens a back door that provides the attacker with unauthorized remote access to a compromised computer.

The intruder can download from a predefined FTP server and execute arbitrary files. Dasher.d also terminates some running antivirus programs, firewalls and other security-related software. It is able to lower security settings on the infected system by altering the Windows registry.

Related files: sqlexp.exe, sqlexp1.exe, sqlexp2.exe, sqlexp3.exe, sqlscan.exe, sqltob.exe

Dasher.d properties:
Allows remote user connection
Connects itself to the internet
Hides from the user
Stays resident in background Remove Dasher.d, removal instructions

Linked by shanmuga Monday, 26th December 2005 9:12PM