Aliases: Trojan.Win32.JavaKiller, Troj/JavaKill, Trojan:Win32/Javakiller, TROJ_JAVAKILLR.A, TR/JavaKiller 
Variants: Win32/JavaKiller.A , Trojan.JavaKiller.A, IRC/Flood.f, BackDoor.Final 

Classification: Malware
Category: Trojan Horse

Status: Inactive
Spreading: Slow
Geographical info: N/A
Removal: Easy
Platform: W32
Discovered: 11 Oct 2001
Damage: Low

Characteristics: The W32.JavaKiller.Trojan malware is a backdoor Trojan. Once it is installed in a computer, its first action it to search the system for any security exploits. This exploit can be found from errors, flaws, or vulnerabilities from the computer’s security or its installed programs. The exploit is needed by the Trojan for creating a backdoor. It will then install a mIRC client and then create a host of files with the EXE, TXT and INI file extensions.

More details about W32.JavaKiller.Trojan

The backdoor created by the W32.JavaKiller.Trojan is the best way for remote hackers to enter the machine without being detected. This is possible because accessing a computer through a backdoor does not require any security or tough authentication method. Another prominent function of this backdoor Trojan is downloading unwanted and unsolicited files. This security threat can also download any kind of malware, from the simplest annoying adware to the harshest and most destructive worms. This backdoor Trojan may possibly be responsible for installing and distributing its downloaded malware as well. The Trojan’s downloading process will commence when a backdoor is already established and a network connection is available. It will then try connecting to a certain IP address where it can download malicious applications. This IP address is the Trojan’s remote server or creator’s address. The W32.JavaKiller.Trojan can also create registry entries so that it will start along with Windows.

According to some reports, the W32.JavaKiller.Trojan program is capable of displaying pop-up advertisements for rouge antispyware. It could redirect the Web browser to websites with advertisements and malicious scripts. The adware could change the victim computer’s wallpaper and screensaver. It could disable some tabs of the Desktop Properties. The adware may also launch DoS attacks against some websites.