Tuesday, November 25, 2008

MagicLink Trojan

Removing MagicLink
Categories: Trojan,Backdoor,RAT,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.
MagicLink Also known as:

[Kaspersky]Backdoor.CmjSpy.20.a,Backdoor.CmjSpy.14.a,Backdoor.CmjSpy.13.a,Backdoor.CmjSpy.166,Backdoor.CmjSpy.14.b,Backdoor.CmjSpy.c,Backdoor.CmjSpy.21.b,Backdoor.MagicLink.21.b,Backdoor.MSNCorrupt,Backdoor.CmjSpy.21.c,Backdoor.CmjSpy.24,Backdoor.CmjSpy.a,Backdoor.CmjSpy.b,Backdoor.CmjSpy.25.b,Backdoor.CmjSpy.15;
[Eset]Win32/MagicLink.21 trojan;
[McAfee]Generic BackDoor.b;
[F-Prot]security risk named W32/MagicLink.A,security risk or a "backdoor" program;
[Panda]Backdoor Program,Backdoor Program.LC,Bck/MagicLink,Bck/MSNCorrupt,Bck/MagicLink.21.c;
[Computer Associates]Backdoor/MagicLink.20!Client,Backdoor/MagicLink.20!Server,Backdoor/CmjSpy.14!Server,Backdoor/CmjSpy.13!Client,Backdoor/Cmjspy.16!Server,Backdoor/Cmjspy.C,Backdoor/MagicLink.14,Backdoor/MagicLink.21.c,Backdoor/Cmjspy.2.4,Backdoor/CmjSpy.B!Client,Backdoor/PSSMagic!Server,Backdoor/MagicLink.2.1
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\system\magic.exe
[%WINDOWS%]\system\magiclink.exe
[%WINDOWS%]\system\magiclink.exe.set
[%WINDOWS%]\system\mmsysdll.dll
[%WINDOWS%]\system\stemdllcou.vxd
[%WINDOWS%]\system\tdllcope.vxd
[%WINDOWS%]\temp\mmdlltxt.htm
[%WINDOWS%]\system\magic.exe
[%WINDOWS%]\system\magiclink.exe
[%WINDOWS%]\system\magiclink.exe.set
[%WINDOWS%]\system\mmsysdll.dll
[%WINDOWS%]\system\stemdllcou.vxd
[%WINDOWS%]\system\tdllcope.vxd
[%WINDOWS%]\temp\mmdlltxt.htm

How to detect MagicLink:

Files:
[%WINDOWS%]\system\magic.exe
[%WINDOWS%]\system\magiclink.exe
[%WINDOWS%]\system\magiclink.exe.set
[%WINDOWS%]\system\mmsysdll.dll
[%WINDOWS%]\system\stemdllcou.vxd
[%WINDOWS%]\system\tdllcope.vxd
[%WINDOWS%]\temp\mmdlltxt.htm
[%WINDOWS%]\system\magic.exe
[%WINDOWS%]\system\magiclink.exe
[%WINDOWS%]\system\magiclink.exe.set
[%WINDOWS%]\system\mmsysdll.dll
[%WINDOWS%]\system\stemdllcou.vxd
[%WINDOWS%]\system\tdllcope.vxd
[%WINDOWS%]\temp\mmdlltxt.htm

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing MagicLink:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove TargetSaver Downloader
Tokid Trojan Information

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)