
Backdoor.Win32.IRCBot.jvw

Posted: March 8, 2011

Backdoor.Win32.IRCBot.jvw is a backdoor Trojan that creates serious security vulnerabilities in the computers it infects. Infected computers may be exploited by remote attackers or be afflicted by other malware downloads. Backdoor.Win32.IRCBot.jvw will also use your PC's resources to take part in widespread illegal activities like DDoS attacks. Instant Messenger links are a known method of propagation for Backdoor.Win32.IRCBot.jvw, so be cautious about clicking on strange links, even if a friend sends them.

Instant Trojan Messaging and Other Infection Possibilities

Backdoor.Win32.IRCBot.jvw's most distinctive property is how the Trojan spreads through instant-messaging programs. Computers that are afflicted by Backdoor.Win32.IRCBot.jvw may have their address books and other contact information sources accessed so that the Trojan can message all possible 'friends'. Other probable routes of infection by Backdoor.Win32.IRCBot.jvw include downloading unsafe files from insecure file-sharing resources and visiting dangerous websites with default browser security settings.

Usually, you will not know that you have a Backdoor.Win32.IRCBot.jvw infection, since the Trojan places startup entries in the Windows Registry to attach itself to the default boot configuration. This lets Backdoor.Win32.IRCBot.jvw run in the background, where it can only be noticed through the side effects of its attacks, like a slowdown of your system or mouse cursor interference.

Your PC - Another Unwilling Recruit in the DDoS Botnet Army

The presence of Backdoor.Win32.IRCBot.jvw on any PC has a number of hostile results for the user:

  • The accurately named Backdoor.Win32.IRCBot.jvw will join an IRC server and use this connection to turn your computer towards denial-of-service attacks. These attacks are carried out by large networks of infected systems and are highly illegal, and they hijack system resources for arbitrary actions without the user's consent.
  • Remote attackers may abuse the vulnerable state of your Backdoor.Win32.IRCBot.jvw-hampered computer to steal information, install other malicious programs or control various aspects of the machine. This can be done surprisingly quickly after infection, since many Trojans like Backdoor.Win32.IRCBot.jvw will send out an alert to hackers when they successfully get on a PC.
  • Backdoor.Win32.IRCBot.jvw doesn't require outside help to download other malware, though; it can do that just fine on its own, too. Other malware can fake the appearance of security tools, shut down programs like your Task Manager or anti-virus scanners, steal passwords or cause other forms of harm.

As always, preventing the infection from reaching you is the preferable option, but deleting Backdoor.Win32.IRCBot.jvw isn't something to hold back on if it needs to be done. Backdoor.Win32.IRCBot.jvw has been reported to infect most Windows systems including the recent Windows 7, so don't feel too safe unless you've verified your PC's security for yourself.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %System%\bifrost

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}
      HKEY_CURRENT_USER\Software\Bifrost
      HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4255CE37-83BE-2B4B-60F7-24CC8C364474}
    HKEY..\..\..\..{RegistryKeys}
      HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo
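
A triage check built from the registry keys listed above, as an added example that is not part of the original page: it scans the text of a `.reg` export for those keys, matching case-insensitively and ignoring lookalike sibling keys and deletion entries. The function names and the sample export are constructed for illustration.

```python
import re

# Registry keys listed on this page for Backdoor.Win32.IRCBot.jvw.
INDICATOR_KEYS = [
    r"HKEY_CURRENT_USER\Software\Bifrost",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4255CE37-83BE-2B4B-60F7-24CC8C364474}",
    r"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo",
    r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo",
]
HIVE_ALIASES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER"}

def normalize(key):
    """Expand hive abbreviations, drop trailing backslashes, fold case."""
    key = key.strip().rstrip("\\")
    hive, _, rest = key.partition("\\")
    hive = HIVE_ALIASES.get(hive.upper(), hive)
    return (hive + ("\\" + rest if rest else "")).lower()

def keys_in_export(reg_text):
    """Yield key paths from .reg section headers, skipping deletions ([-KEY])."""
    for line in reg_text.splitlines():
        m = re.match(r"^\[(?!-)(.+)\]\s*$", line.strip())
        if m:
            yield m.group(1)

def find_indicators(reg_text):
    """Return listed keys found in the export, exactly or as a parent key."""
    present = {normalize(k) for k in keys_in_export(reg_text)}
    hits = []
    for ind in INDICATOR_KEYS:
        n = normalize(ind)
        # "n + backslash" keeps lookalikes such as ...\BifrostTools from matching.
        if any(p == n or p.startswith(n + "\\") for p in present):
            hits.append(ind)
    return hits

# Constructed sample export (not taken from a real system).
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\bifrost]
[HKEY_LOCAL_MACHINE\SOFTWARE\BifrostTools]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4255CE37-83BE-2B4B-60F7-24CC8C364474}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo\constructed-subkey]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo]
"""

if __name__ == "__main__":
    print("\n".join(find_indicators(SAMPLE_EXPORT)))
```

Exports written by regedit are UTF-16 encoded, so open the file with `encoding="utf-16"` before passing its text to `find_indicators`.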