Know Your Malware: Nuclear Removal

Nuclear is a dangerous, complex backdoor that gives a remote attacker full unauthorized access to a compromised computer. Once executed, the threat displays a fake error message and installs itself on the system. It then contacts a predetermined remote host and waits for specific control commands. Nuclear allows the intruder to manage the entire file system, terminate processes, alter the Windows registry, download and upload arbitrary files, execute system commands, manipulate windows, retrieve system information, display certain messages and shut down the computer. The backdoor can also log keystrokes, capture screenshots, run a hidden web server and take other dangerous actions. Nuclear runs automatically on every Windows startup.

Nuclear properties:
Allows remote user connection
Takes and sends out screenshots of user activity
Logs keystrokes
Connects itself to the internet
Hides from the user
Stays resident in background

Linked by shanmuga Thursday, 1st December 2005 2:54AM