Trojan.Dozer will arrive on computers as an attached file which is detected as W32.Dozer and capable or dropping additional risk.
| Type | Trojan |
| Sub-Type | Downloader |
| Aliases | |
| OS Affected | Windows |
| Detected By | Sophos |
What Trojan.Dozer Does?
It opens a backdoor ports and connect on following IP address
- 172.16.8.24 through TCP port 80
- 213.33.116.41 through TCP port 53
- 216.199.83.203 through TCP port 80
- 213.23.243.210 through TCP port 443
The threat will drop the following malicious file/files:
- %System%\pxdrv.nls
How to Remove Trojan.Dozer Manually
1. Restart your computer in SafeMode
- After Power-On the computer, just before Windows start, press F8
- From the selections, Select SafeMode
2. Delete malicious file that the threat added:
- Base on the given location above, browse and delete the file
- If no location is given, click Start>Search> and search for the file.
- If cannot be deleted, press Ctrl+Alt+Del to access Task Manager, see if the file is running in the process. If it is, select the file and click End Process. Perform file delete again.
Good Information
Thankyou