Momaker RAT

Momaker description:
Momaker Category:RAT
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Detection Momaker :

Momaker Files:
[%WINDOWS%]\system\icd.exe
[%WINDOWS%]\system\kbdplug.dll
[%WINDOWS%]\system\nzrue32.exe
[%WINDOWS%]\system\icd.exe
[%WINDOWS%]\system\kbdplug.dll
[%WINDOWS%]\system\nzrue32.exe

Momaker Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Momaker:

you can run trial version of ExterminateIt, or remove Momaker manually.

---

To completely manually remove Momaker malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Momaker.

---

Also Be Aware of the Following Threats:
Get.Admin Trojan Removal
Remove Bancos.IMI Trojan
PowerSpider Trojan Removal