- Armageddon trojan: F1/P2
- IRC bot: P1/P2
- Fake codecs, zlob and variants: P1/P2
KAV only prevents the malware from becoming permanent; it does not prevent the download of rogue products.
On a live system, this trojan is difficult for inexperienced users to remove ("rebirth protection method": once killed, it restarts itself).
- Trojan downloader Wimad: P1/P2
This is a .wav file that relies on social engineering: the user is told to download some files in order to listen to it.
- MSN Spammer: P1/P2
- SDBOT AVM: P1/P2
- Backdoor Zapchast: P1/P2
NB: A real-life example of this generic IRC bot/backdoor by Mark Russinovich here.
- WMF trojan downloaders: P1/P2
Taking the point of view of a normal user, we allowed access to the net, and the desktop was changed.
But we consider the test a "Pass" (prevention ability after the reboot).
- Backdoor Nethief.XP.q: P1/P2
Sorry, we do not understand Chinese yet... perhaps we should train ourselves for the next Olympic Games...
- Backdoor UpRootkit: P1/P2
This is an excellent example of an "intruder/hacker tool": the server side bypasses most port mappers (CurrPorts, for instance) and some firewalls.
Its first goal is to give the attacker a shell for a stealthy intrusion (once connected to the server, the attacker can hide objects).
Here we do not focus on the rootkit features; we just install the server-side file as a backdoor/trojan.