| Name: |
Tro.IRCbot.lockx |
| Category: |
Trojan |
| Advice: |
Remove |
| Risk: |
Severe Risk
Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine. |
| Description:
|
Tro.IRCbot.lockx is a Trojan that arrives through AIM as a link to pictures.
Upon execution, Tro.IRCbot.lockx attempts to spread through IRC channels on TCP port 9513. A backdoor is also opened on the infected machine on TCP port 43. This backdoor can be used by attackers to perform other malicious activities. Tro.IRCbot.lockx will also cause unwanted pop-up advertisements on the infected machine.
Tro.IRCbot.lockx uses rootkit technology to hide the running process: lockx.exe
|
| Signatures:
|
process: lockx.exe: MD5 Hash: f5ef044e2886bf0e511.. |
| Type: |
Trojan - A worm is program that propagates by attacking other computers and copying itself to them. Worms may replace files, but do not insert themselves into files (as viruses do). |
