Aliases: N/A
Variants: N/A

Classification: Malware
Category: Trojan Horse

Status: active & spreading
Spreading: moderate
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: easy
Platform: W32
Discovered: 11 Mar 2003
Damage: medium

Characteristics: W32.CVIH.Trojan is a Trojan horse. It copies itself to the %System% folder and systems folder.

More details about W32.CVIH.Trojan

The program has backdoor functions and is commonly used by other malware for that capability. Those programs, which include Remote Access Tools (RATs), monitoring software, adware programs and Trojan downloaders, use it to communicate with remote servers on the Internet via Hypertext Transfer Protocol (HTTP) and to retrieve additional components from these online sources.

The W32.CVIH.Trojan program creates an unauthorized network connection between remote systems and the user’s computer, which allows a remote user to send commands to the computer. The remote commands may include monitoring the user’s activities, collecting information stored on the computer, deleting files, modifying the system’s configuration and rebooting the system. The application may allow a remote user to take full control of the computer.

The W32.CVIH.Trojan application is often acquired as a file dropped by other Trojan programs. It may also be obtained by unsuspecting users while browsing the World Wide Web, a process referred to as a drive-by download: users visiting websites with unreliable content may unknowingly install the application. Other distribution channels used by the program include e-mail, peer-to-peer (P2P) file sharing networks, unsecured network shares, and freeware and shareware applications. The program is installed without the user’s knowledge.