AimFrame

· Overview ·
· Origins ·
· Distribution ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Vendor Notes:

 From the doc: 'AimFrame is a piece of software designed to act as a third party in the connection of Aol Instant Messenger (AIM) and the AIM server. I basicly runs a server on the local computer that it is run on and changes the settings in aim to connect to that server. When AIM sends the request to connect to the sever, it goes that that program. Then, AimFrame will redirect the request to the aim server. By doing this, all data sent from the server to the client goes through AimFrame, and all data sent from the client to the server goes through AimFrame. There have been other programs such as 'AimFilter' which uses this same concept. But never has this concept been incorporated remotely. Now you can discretely connect to a computer running AimFrame, and send commands to both the AIM client, and the AIM server.'

Alias:

 AIM-Watch [McAfee], Backdoor Program [Panda], Backdoor.AIMFrame, Backdoor.AIMFrame [Kaspersky], Bck/Generic [Panda], security risk or a "backdoor" program [F-Prot], Win32.AimWatch.20 [Computer Associates], Win32/AIMFrame.A trojan [Eset], Win32/AimFrame.IP_Stealer.Trojan [Computer Associates], Win32/Aimframe.Trojan [Computer Associates]

Category:

Backdoor: A secret or undocumented means of getting into a computer system, or software that uses such a means to penetrate a system. Some software has a backdoor placed by the programmer to allow them to gain access to troubleshoot or change the program. Software that is classified as a "backdoor" is designed to exploit a vulnerability in a system, and open it to future access by an attacker.

Trojan: Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, new group, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user's account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.

Similar Pests:

 Backdoor · Trojan

Origins

Author:

 Chiptricky

Programming Language:

 Visual Basic

Date of Origin:

 October, 2002

Distribution

Prevalence:
  • AimFrame: < 0.00005%
    • More Info

    Clot Factor:
  • AimFrame: < 1

    • The "Clot Factor" is a measure of how much a pest "gums up" a machine by adding registry entries, files, and directories. As more objects are placed in a machine, manual removal becomes more difficult and more error-prone.

    Countries Affected:

    		 In the past three months, we have received reports of AimFrame in United States.

    Operation

    Storage Required:
  • AimFrame: at least 257 KB
    		•

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Manual Removal:

    		 Follow these steps to remove AimFrame from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Stop Running Processes:

    Kill these running processes with Task Manager:

    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 April 25, 2005