Wednesday, January 28, 2009

Win32 Trojan

Removing Win32
Categories: Trojan, Adware, BHO, Worm, Backdoor, RAT, Hacker Tool, DoS
This loose category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker. Typically, keyloggers of this type will send the stolen information
back to the attacker via email or HTTP POST, which can appear suspicious.

Worms can be classified according to the propagation method they use,
i.e. how they deliver copies of themselves to new victim machines.
Worms can also be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more than
one propagation method as well as more than one infection technique.
The methods are listed separately below.

Backdoors combine the functionality of most other types of Trojan in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's Day or a holiday. Prank RATs are generally not harmful, and won't log keystrokes or hack.

Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to the computer.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Win32 Also known as:

[Kaspersky]Backdoor.GF.13,Nuker.c2;
[Eset]Win32/Dialer.U trojan;
[McAfee]GirlFriend;
[F-Prot]destructive program;
[Panda]Trj/AF.20,Dialer.Gen,Dialer.UM,Dialer.JL,Dialer.BB,Trojan Horse,Dialer.KI,Bck/GF.13,Trj/W32.Nuker.c2;
[Other]Adware-SafeSurf.dr,W32/Agen.HLE

Visible Symptoms:
Files in system folders:
[%PROFILE%]\start menu\w1inmovieplugin.lnk
[%SYSTEM%]\services\dial.exe
[%WINDOWS%]\system\services\coolers.exe
[%WINDOWS%]\system\services\dale.exe
[%WINDOWS%]\system\services\losvse.exe

How to detect Win32:

Files:
[%PROFILE%]\start menu\w1inmovieplugin.lnk
[%SYSTEM%]\services\dial.exe
[%WINDOWS%]\system\services\coolers.exe
[%WINDOWS%]\system\services\dale.exe
[%WINDOWS%]\system\services\losvse.exe

Folders:
[%PROGRAM_FILES%]\dfind.x32
[%PROGRAM_FILES%]\dfind.x64

Registry Keys:
HKEY_CURRENT_USER\software\dfind.x32
HKEY_CURRENT_USER\software\dfind.x64
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\dfind32109
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\dfind64109
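As an added check that is not part of the original post, the PowerShell script below expands the placeholder paths listed above and reports which of the listed files, folders and registry keys exist on the machine, hashing any file it finds so it can be compared against vendor scan results. The mapping of each placeholder to a Windows folder is an assumption.

```powershell
# Added check, not from the original page. Placeholder mapping is assumed:
#   [%PROFILE%]       -> %USERPROFILE%
#   [%SYSTEM%]        -> %SystemRoot%\System32
#   [%WINDOWS%]       -> %SystemRoot%
#   [%PROGRAM_FILES%] -> %ProgramFiles%
$placeholders = @{
    '[%PROFILE%]'       = $env:USERPROFILE
    '[%SYSTEM%]'        = Join-Path $env:SystemRoot 'System32'
    '[%WINDOWS%]'       = $env:SystemRoot
    '[%PROGRAM_FILES%]' = $env:ProgramFiles
}

# Indicators copied from the page's "How to detect" section.
$paths = @(
    '[%PROFILE%]\start menu\w1inmovieplugin.lnk',
    '[%SYSTEM%]\services\dial.exe',
    '[%WINDOWS%]\system\services\coolers.exe',
    '[%WINDOWS%]\system\services\dale.exe',
    '[%WINDOWS%]\system\services\losvse.exe',
    '[%PROGRAM_FILES%]\dfind.x32',
    '[%PROGRAM_FILES%]\dfind.x64'
)
$regKeys = @(
    'HKCU:\software\dfind.x32',
    'HKCU:\software\dfind.x64',
    'HKLM:\software\microsoft\windows\currentversion\uninstall\dfind32109',
    'HKLM:\software\microsoft\windows\currentversion\uninstall\dfind64109'
)

# Replace every placeholder token in a path with its real folder.
function Expand-Placeholder([string]$p) {
    foreach ($k in $placeholders.Keys) { $p = $p.Replace($k, $placeholders[$k]) }
    return $p
}

$hits = @()
foreach ($p in $paths) {
    $real = Expand-Placeholder $p
    if (Test-Path -LiteralPath $real -PathType Leaf) {
        # SHA-256 of a found file, for comparison with vendor scan results.
        $hash = (Get-FileHash -LiteralPath $real -Algorithm SHA256).Hash
        $hits += "file: $real (SHA256 $hash)"
    } elseif (Test-Path -LiteralPath $real -PathType Container) {
        $hits += "folder: $real"
    }
}
foreach ($k in $regKeys) {
    if (Test-Path -LiteralPath $k) { $hits += "registry: $k" }
}

if ($hits.Count -eq 0) { 'No listed indicators found.' }
else { 'Indicators present:'; $hits | ForEach-Object { "  $_" } }
```

Run it from an elevated PowerShell session so that the HKLM keys and the System32 folder are readable; a hit on a file name alone is a lead to verify, not proof of infection, since these names are generic.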

Removing Win32:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
