Categories: Trojan,Worm,Backdoor,RAT,Downloader,Hacker Tool,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Worms can be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.
Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.
These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.
DoS trojans conduct such attacks from a single computer with the consent of the user.
Worms can carry a DoS procedure as part of their payload.
[Kaspersky]Win95.CIH,Win95.CIH.1024,Win95.CIH.1019.c,Win95.CIH-Killer.1373,Win95.CIH.1003.b,Win95.CIH.1026,Win95.CIH.1035,Win95.CIH.1040,Win95.CIH.1042,Win95.CIH.1230,Win95.CIH.1363,Win95.CIH.1262;
[McAfee]W95/CIH;
[F-Prot]W32/CIH.1003.A,contains W32/CIH.1003.A (non-working),W32/CIH.1019.C,W32/Cih_Killer.1373,W32/CIH.1003.B,W32/CIH.1026,W32/CIH.1035,W32/CIH.1040,W32/CIH.1042,W32/CIH.1103,W32/CIH.1230,W32/CIH.1230.intended;
[Panda]W95/CIH,W95/CIH.Killer.1373,W95/CIH.1003.B,W95/CIH.1042;
[Computer Associates]Win95.CIH.1003.A,Win95/CIH.1003,Win95.CIH.family,Win95/CIH.1024,Win95.CIH.1003.D/1010/1024,Win95.CihKiller.1373,Win95.FCIH,Win95.CIH.1040,Win95.CIH.1042,Win95.CIH.1103/1297,Win95.FCIH.1230
How to detect W95.CIH:
Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Removing W95.CIH:
You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.
Or buy it to remove ALL viruses from your computer.Also Be Aware of the Following Threats:
Remove JScript.Exception Trojan
No comments:
Post a Comment