Notice: Undefined variable: incprefix in /data/www/spywareguide/product_show.php on line 241
Category Description:
Virus-like program that spreads automatically to other computers by sending itself out by email or by any other means. A program that propagates itself by attacking other machines and copying itself to the affected machine.
Worms have self-replicating code that travels from machine to machine by various means. A worms first objective is merely propagation. Worms can be destructive depending on what payload they have been given. Worms may replace files, but do not insert themselves into files.
Comment:
Backdoor.DRam is a worm and IRC backdoor Trojan , which runs continuously in the backdrop, providing a backdoor server on a random port. It connects to an Internet Relay Chat (IRC) server and joins a specific channel, where it listens for instructions from a distant malicious user. The supposed instructions are implemented locally on affected machines.
It can perform denial of service (DoS) attacks against target sites using different flood methods.
This worm is capable of gathering and stealing Microsoft product keys as well as application product IDs from popular software products installed on affected machines.
Manual
removal:
This worm disables the DCOM protocol and restricts anonymous access to the affected system by modifying the following registry entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
EnableDCOM = "N"
(Note: The default value for the said registry entry is EnableDCOM = "Y".)
Steps To Change it:
1.Click Start, click on Run .
2.Type RegEdit .
3.Navigate to Registry Key "HKEY_LOCAL_MACHINE\Software\Microsoft\OLE"
4.On Right side of Window select "EnableDCOM"
5.Right Click on it, and select option "Modify"
6.Replace the changed value "N" to "Y"
5 [