|
ICKiller
ICKiller trojan - DoS attacker
ICKiller is a denial of service program that was made so that idiot wannabe hackers could flood peoples ICQ with thousands of messages which would take forever for the victim to clear and would probably use up all the victims resources and crash there computer.
This trojan is available from many websites all over the net, though not so common now ( because it doesn't work with ICQ 99 ) it is still very widespread among the wannabe hacker crowd.
So why am I talking about an ICQ message flooder ? well the funny thing about this program is that it is actually a trojan as well. Often unknown to its victims who think they are among the elite hackers because they have a program that will flood peoples ICQ.
Here are the details of this trojan :
ICKiller is a Windows application that will attempt to replace the user's Windows Explorer application with its own, modify the Windows registry of the host system, and kill the users ICQ session by flooding his machines with messages (HTTP34.OCX and DSSOCK32.OCX.)
On execution, ICKiller creates the file 1.exe and then puts it as Explorer.exe into C:. Then the system keeps the processes of ICKiller.exe, 1.exe, and Explorer.exe running in the background.
The Trojan also attempts to modify the Windows registry so that it will be run on system start-up.
If you find this trojan on your computer, you will need to terminate the running processes of ICKiller, 1, and Explorer in order to remove the data the trojan puts into the registry and to copy the clean application of Windows Explorer from the CD into Windows directory. You will need to
delete fake version of Explorer.exe in Windows and the copies of HTTP32.OCX and DSSOCK32.OCX.
I also recommend that you change your dialup, ICQ, and main Windows passwords to make sure there are no negative effects created by the Trojan.
|
|
