dcemgr.exe - Dangerous


Antivirus Report of dcemgr.exe:
dcemgr.exe - Malware
dcemgr.exe - Dangerous
dcemgr.exe - High Risk

Backdoor.Tumag allows unauthorized remote access to an infected computer. By default, the backdoor listens on TCP port 9010.

When Backdoor.Tumag is executed, it performs the following actions:
- Copies itself as:
  %System%\dcemgr.exe
  %System%\dcemgr2.exe
- Creates the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DCE to keep track of the infection's progress.
- Connects to dns2010.vicp.net or 218.242.161.151 on port 9002 to notify the author of the backdoor.
- Opens a backdoor on TCP port 9010 and listens for commands from the attacker.

The backdoor can perform the following default actions:
- Update itself
- Take a screenshot
- Provide system information
- Create files
- Execute programs

Manual removal:
Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value: "DCE Manager"="%System%\dcemgr.exe"
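
Before deleting anything, the indicators listed above can be confirmed with a read-only check. The PowerShell script below is an added example, not part of the original write-up or of any vendor tool. It assumes that %System% maps to System32 (the 32-bit SysWOW64 and WOW6432Node views are checked as well) and that PowerShell 4 or later with Get-NetTCPConnection is available. The function name Get-TumagIndicator is hypothetical.

```powershell
# Added example: read-only check for the Backdoor.Tumag indicators on this page.
# Nothing is modified or deleted. Get-TumagIndicator is a hypothetical name.
function Get-TumagIndicator {
    $findings = @()

    # Assumption: %System% is the System32 directory; SysWOW64 is checked too,
    # since 32-bit code on 64-bit Windows is redirected there.
    $dirs = @([Environment]::GetFolderPath('System'),
              [Environment]::GetFolderPath('SystemX86')) |
            Where-Object { $_ } | Sort-Object -Unique
    foreach ($dir in $dirs) {
        foreach ($name in 'dcemgr.exe', 'dcemgr2.exe') {
            $path = Join-Path $dir $name
            if (Test-Path -LiteralPath $path) {
                $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
                $findings += "File present: $path (SHA256 $hash)"
            }
        }
    }

    # Native and 32-bit (WOW6432Node, assumption) views of HKLM\SOFTWARE.
    foreach ($root in 'HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\WOW6432Node') {
        # Key the backdoor creates to track the infection's progress.
        $dceKey = "$root\Microsoft\Windows\DCE"
        if (Test-Path -LiteralPath $dceKey) { $findings += "Registry key present: $dceKey" }

        # Autostart value named in the manual removal step.
        $runKey = "$root\Microsoft\Windows\CurrentVersion\Run"
        $run = Get-ItemProperty -LiteralPath $runKey -Name 'DCE Manager' -ErrorAction SilentlyContinue
        if ($run) { $findings += "Run value present in ${runKey}: DCE Manager = $($run.'DCE Manager')" }
    }

    # TCP 9010 is the listening port; 9002 is the outbound notification port.
    $conns = @(Get-NetTCPConnection -State Listen -LocalPort 9010 -ErrorAction SilentlyContinue) +
             @(Get-NetTCPConnection -RemotePort 9002 -ErrorAction SilentlyContinue)
    foreach ($c in $conns) {
        $exe = (Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue).Path
        $findings += "TCP $($c.LocalAddress):$($c.LocalPort) -> $($c.RemoteAddress):$($c.RemotePort) " +
                     "[$($c.State)] PID $($c.OwningProcess) $exe"
    }
    return $findings
}

$result = Get-TumagIndicator
if ($result) { $result } else { 'No Backdoor.Tumag indicators from this page were found.' }
```

A hit on port 9010 or 9002 alone is not conclusive, since other software can use those ports; correlate it with the owning process path and the file and registry findings.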


Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antiviruses did not fix: detecting rootkits.

Since that time I have worked every day to fix the issues that antiviruses cannot.

If your antivirus has not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.
