Categories: Trojan,Spyware,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
[Kaspersky]TrojanSpy.Win32.Delf.bk,TrojanSpy.Win32.KeyLogger.c;
[Panda]Trojan Horse;
[Computer Associates]Backdoor/Servsax.A!Server,Win32.ServsaxVisible Symptoms:
Files in system folders:
[%SYSTEM%]\inetsxa.dll
[%SYSTEM%]\reshl32.lib
[%SYSTEM%]\srvexc.exe
[%SYSTEM%]\inetsxa.dll
[%SYSTEM%]\reshl32.lib
[%SYSTEM%]\srvexc.exe How to detect Servsax:
Files:
[%SYSTEM%]\inetsxa.dll
[%SYSTEM%]\reshl32.lib
[%SYSTEM%]\srvexc.exe
[%SYSTEM%]\inetsxa.dll
[%SYSTEM%]\reshl32.lib
[%SYSTEM%]\srvexc.exe
Folders:
[%PROGRAMS%]\iipwr package
[%PROGRAM_FILES%]\iipwr package
Registry Keys:
HKEY_CLASSES_ROOT\clsid\{b91d4568-d492-11d3-8021-0010e3b966ce}
HKEY_CLASSES_ROOT\emmanuel.simplednsclient
HKEY_CLASSES_ROOT\emmanuel.simplednsclient.1
HKEY_CLASSES_ROOT\interface\{b91d4567-d492-11d3-8021-0010e3b966ce}
HKEY_CLASSES_ROOT\typelib\{b91d4558-d492-11d3-8021-0010e3b966ce}
HKEY_LOCAL_MACHINE\software\iipwr.com\iipwr package
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\iipwr package
HKEY_LOCAL_MACHINE\software\pwinwrtt
Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Removing Servsax:
You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.
Or buy it to remove ALL viruses from your computer.Also Be Aware of the Following Threats:
Command.and.Control RAT Cleaner
Removing Itavir Trojan
Family.Cyber.Alert Spyware Information
No comments:
Post a Comment