Categories: Trojan,Backdoor,RAT
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.
These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
[Kaspersky]Backdoor.NetMon,Backdoor.Netspy.10,Backdoor.Netspy.106,Backdoor.Netspy.20.b,Backdoor.Netspy.20.f,Backdoor.Netspy.20.d,Backdoor.Netspy.30.b,Backdoor.Netspy.20.e,Backdoor.Netspy.20.h,Backdoor.Netspy.20.i,Backdoor.Netspy.30.e;
[Eset]Win32/NetSpy.20.E trojan,Win32/NetSpy.20.F trojan,Win32/NetSpy.20.H trojan,Win32/NetSpy.20.I trojan,Win32/NetSpy.30.E trojan,Win32/NetSpy.30.C trojan,Win32/NetSpy.30.D trojan,Win32/NetSpy.1_01 trojan;
[McAfee]Junk-NavQuar,BackDoor-N,Generic;
[F-Prot]security risk or a "backdoor" program;
[Panda]Backdoor Program.LC,Bck/NetSpy.10.A,Bck/NetSpy.106,Bck/NetSpy.20.B,Backdoor Program,Bck/Netspy.20.d,Bck/Netspy.20.E;
[Computer Associates]Backdoor/Netspy.10,Backdoor/NetSpy.1_06,Win32.Netspy.106,Backdoor/NetSpy.2.0.B!Server,Backdoor/NetSpy.20,Backdoor/NetSpy.20.b,Backdoor/Netspy.20.D,Backdoor/NetSpy.2.0.A.Server,Backdoor/Netspy.20.E!Server,Win32.NetSpy.20.E,Win32.NetSpy.30.B,Win32/NetSpy.30.B.Trojan,Backdoor/Netspy.30.e.Server,Backdoor/NetSpy.1_10,Backdoor/Netspy.30.c,Backdoor/Netspy.30.d,Backdoor/Netspy.101Visible Symptoms:
Files in system folders:
[%SYSTEM%]\system.exe
[%PROGRAMS%]\invisia software\invisia software netspy.lnk
[%SYSTEM%]\netdd.exe
[%WINDOWS%]\system\netdd.exe
[%SYSTEM%]\system.exe
[%PROGRAMS%]\invisia software\invisia software netspy.lnk
[%SYSTEM%]\netdd.exe
[%WINDOWS%]\system\netdd.exe How to detect NetSpy:
Files:
[%SYSTEM%]\system.exe
[%PROGRAMS%]\invisia software\invisia software netspy.lnk
[%SYSTEM%]\netdd.exe
[%WINDOWS%]\system\netdd.exe
[%SYSTEM%]\system.exe
[%PROGRAMS%]\invisia software\invisia software netspy.lnk
[%SYSTEM%]\netdd.exe
[%WINDOWS%]\system\netdd.exe
Folders:
[%PROFILE%]\start menu\programs\invisia software
[%PROGRAM_FILES%]\insp32
Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\netspy.exe
Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\winimp
Removing NetSpy:
You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.
Or buy it to remove ALL viruses from your computer.Also Be Aware of the Following Threats:
Pigeon.EPF Trojan Removal instruction
Remove VioClicks.com Tracking Cookie
Pigeon.DZY Trojan Removal instruction
Veslorn Trojan Removal
Marawi Trojan Removal instruction
No comments:
Post a Comment