FDoS-Csium

This page shows details and results of our analysis of the malware FDoS-Csium.

Overview


Minimum DAT: 4254 (2003-03-26)
Updated DAT: 4549 (2005-08-03)
Minimum Engine: 5.1.00
File Length: 417,792 bytes
Description Added: 2003-03-27
Description Modified: 2003-03-27

Malware Proliferation

Characteristics

This detection is for a malware application that provides various functions to the user, some of which are denial of service (DoS) related.

When the malware is executed, the user is presented with the following disclaimer:

Upon accepting this, the main console is presented:

Functionality available to the user from the main console includes:

  • Ping of death - repeatedly pings a remote machine
  • Folder flooder - creates multiple folders on local/remote drives
  • Printer flooder - prints multiple items (blank, or containing text)
  • Message flooder - sends repeated messages to other computers on the domain

Symptoms

Method of Infection

This malware application can be used to perform various functions, mostly denial of service related.

Removal

All Users:
Use current engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purpose of hooking system startup will be successfully removed when cleaning with the recommended engine and DAT combination (or higher).

But in some particular cases, the following steps need to be taken.

Please go to the Microsoft Recovery Console and restore a clean MBR.

On Windows XP:

  • Insert the Windows XP CD into the CD-ROM drive and restart the computer.
  • When the "Welcome to Setup" screen appears, press R to start the Recovery Console.
  • Select the Windows installation that is compromised and provide the administrator password.
  • Issue the 'fixmbr' command to restore the Master Boot Record.
  • Follow onscreen instructions.
  • Reset and remove the CD from the CD-ROM drive.


On Windows Vista and 7:

  • Insert the Windows CD into the CD-ROM drive and restart the computer.
  • Click on "Repair Your Computer".
  • When the System Recovery Options dialog comes up, choose the Command Prompt.
  • Issue the 'bootrec /fixmbr' command to restore the Master Boot Record.
  • Follow onscreen instructions.
  • Reset and remove the CD from the CD-ROM drive.

Variants