Backdoor.Dipigger
You must keep the computer safe and away from Backdoor.Dipigger by having updated security software. If the Trojan does enter your PC due to lack of protection, follow the procedure on this page to remove it.
Backdoor.Dipigger is a Trojan that will give remote attacker an access to infected system. This threat also allows an attacker to run arbitrary commands that will add harm on the computer. It is observed that this Trojan may communicate with various servers using shell or http protocol. These servers may host other malicious files, which can update Backdoor.Dipigger.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista, Windows 7
Characteristics
When Backdoor.Dipigger is executed, it will drop several files inside Windows directory. These malicious files are essential to Trojans operation. To execute the file on Windows start-up, Backdoor.Dipigger will create a registry entry and add subkey to an existing one:
- HKEY_LOCAL_MACHINE\SOFTWARE\XXX_[eight random alpha-numeric characters]
Once the Trojan is operational, it will create a backdoor to allow a remote attacker in performing the following:
- Explore infected computer’s files and folders
- Take screen shot image and save the file to specific folder
- View the list of running processes and create a log of it
- Steal sensitive information by recording key strokes from the compromised PC
Next, Backdoor.Dipigger will attempt to communicate to predefined remote computers/servers to download more threats and update itself.
Distribution
Backdoor.Dipigger normally arrives as a threat dropped by another Trojan. It may also acquire from maliciously created web sites or legitimate web sites that are compromised by a Trojan. With special characteristics of this threat, possibilities to spread itself are extensive and unpredicted.
[cf]files[/cf]
How to Remove Backdoor.Dipigger
1. Temporarily Disable System Restore (Windows Me/XP). [how to]
2. To be able to identify even the most recent variant of Backdoor.Dipigger, open your antivirus application and update the virus definition file.
3. Start Windows in Safe Mode with Networking.
- From a power-off state, turn on the computer and press F8 on your keyboard repeatedly.
- Your computer will display Windows Advanced Boot Options menu. Please select Safe Mode with Networking.
- The system will now boot Windows and loads only necessary drivers and files.
4. Open your antivirus program and run a full system scan. After the scan, delete all infected items. If unable to delete, better place them in quarantine. Once the scan is complete, please proceed with the next step.
Scan with Norton Power Eraser:
Free tool from Symantec called Norton Power Eraser provides deep scanning technology to detect and remote threats like Backdoor.Dipigger. NPE targets and eliminate threats that regular virus scan fails to identify. Download NPE here.
Important! Because of Norton Power Eraser’s aggressive method, it can select even legitimate files as suspicious. Please use this tool very carefully.
Alternative Removal Method for Backdoor.Dipigger
Option 1 : Use Windows System Restore to return Windows to previous state
If Backdoor.Dipigger enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before Backdoor.Dipigger infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.
Option 2 : Backdoor.Dipigger manual uninstall guide
IMPORTANT! Manual removal of Backdoor.Dipigger requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.
1. Kill any running process that belongs to Backdoor.Dipigger.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for Backdoor.Dipigger files (refer to Technical Reference) and click End Process.
2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.
3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
4. Delete all files dropped by Backdoor.Dipigger.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.