AVirt Mail Server 3.3a Remote Oveflow

· Overview ·
· Origins ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Alias:

 Exploit.Win32.Avirtex [Kaspersky], Exploit-AVBO [McAfee], security risk or a "backdoor" program [F-Prot], Trojan Horse.LC [Panda], Win32/Exploit.Avirtex trojan [Eset]

Category:

DoS: An exploit whose purpose is to deny somebody the use of the service: namely to crash or hang a program or the entire system. Examples of DoS attacks include flooding the victim with more traffic than can be handled; flooding a service (like IRC) with more events than it can handle bomb; crashing a TCP/IP stack by sending corrupt packets; crashing a service by interacting with it in an unexpected way; or hanging a system by causing it to go into an infinite loop. For example, the Ping of Death exploit crashed machines by sending illegally fragmented packets at a victim. A common word for DoS is ""nuke"", which was first popularized by the WinNuke program.

Exploit: A way of breaking into a system. An exploit takes advantage of a weakness in a system in order to hack it. Exploits are the root of the hacker culture. Hackers gain fame by discovering an exploit. Others gain fame by writing scripts for it. Legions of script-kiddies apply the exploit to millions of systems, whether it makes sense or not. Since people make the same mistakes over-and-over, exploits for very different systems start to look very much like each other. Most exploits can be classified under major categories: buffer overflow, directory climbing, defaults, Denial of Service.

Trojan: Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, new group, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user's account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.

Similar Pests:

 DoS · Exploit · Trojan

Origins

Author:

 Luck Martins

Date of Origin:

 November, 1999

Operation

Storage Required:
  • AVirt Mail Server 3.3a Remote Oveflow: at least 21 KB
    		•

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Manual Removal:

    		 Follow these steps to remove AVirt Mail Server 3.3a Remote Oveflow from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Stop Running Processes:

    Kill these running processes with Task Manager:

    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 October 29, 2004