Cyber Takeover 1.0

Cyber Takeover (1.0)
Server name: Cyber Takeover
Version: 1.0
Different versions: NA
Tested: Yes, on Windows 95 and Windows NT
Server size: 74.5K
Server files: co32.exe
Server icon:

Infects: Windows 95/98/ME
Autoloads: Windows start up
Default port: NA
Can port be changed: No

Server Features

Display I-Police
Display virus message
Get cached passwords
Get IP address
Get host name
Get screen resolution

Comments
Cyber Takeover is a AIM trojan. Unlike most trojans this one does not listen on a port, instead it receives commands over AIM. For example to see if you are infected it sends a AIM message: "(**infect?**)".

How To Remove
Quick fix: no quick fix programs
Manual removal:

Delete the JPGLoader.lnk file in the start up directory (Example: c:\windows\start menu\programs\Startup\).
Reboot the computer or close Co3.exe.
Delete the trojan file Co3.exe in the windows directory.

Related
Article: General removal info
Section: Test your knowledge, take our Trojan Quiz
Service: Trojan removal
Service: Tell a friend about this trojan
Service: Print this page

Copyright © 2000 and 2001, Dark Eclipse Software. All rights reserved.
This page may not be redistributed or reproduced in any manner without specific written permission from Dark Eclipse Software. If permission to use this page is desired then contact Dark Eclipse Software. While we consider the content of this page to be accurate, we cannot guarantee either the accuracy or the appropriateness of any portion of the page, including our analysis and manual removal.
Any actions taken by a reader in response to this or any other Dark Eclipse Software page are completely and solely their responsibility.