HTTP Backdoor
HTTP description:
HTTP Category:Backdoor,RAT,Hacker Tool,DoS
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.
Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.
Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:
- Launching/ deleting files
- Sending/ receiving files
- Deleting data
- Displaying notification
- Rebooting the machine
- Executing files
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.
These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.
Detection HTTP :
HTTP Files:
[%WINDOWS%]\cookies\ck16.exe
[%WINDOWS%]\cookies\ck412.exe
[%WINDOWS%]\cookies\ckmgr.exe
[%WINDOWS%]\cookies\sys412.exe
[%WINDOWS%]\cookies\ck16.exe
[%WINDOWS%]\cookies\ck412.exe
[%WINDOWS%]\cookies\ckmgr.exe
[%WINDOWS%]\cookies\sys412.exe
HTTP Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
Removing HTTP:
you can run trial version of ExterminateIt, or remove HTTP manually.To completely manually remove HTTP malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with HTTP.
Also Be Aware of the Following Threats:
Comforest Trojan Removal
NetTrash Backdoor Information
EPAN Trojan Removal
Vxidl.AFI Trojan Cleaner
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home