| Port No | 44014 |
| Service Name | Iani |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Trojan that when run, provides an attacker with the capability of remotely controlling a machine via a ""client"" in the attacker's machine, and a ""server"" in the victim's machine. Examples include Back Orifice, NetBus, SubSeven, and Hack'a'tack. What happens when a server is installed in a victim's machine depends on the capabilities of the trojan, the interests of the attacker, and whether or not control of the server is ever gained by another attacker -- who might have entirely different interests. Infections by remote administration Trojans on Windows machines are becoming as frequent as viruses. One common vector is through File and Print Sharing, when home users inadvertently open up their system to the rest of the world. If an attacker has access to the hard-drive, he/she can place the trojan in the startup folder. This will run the trojan the next time the user logs in. Another common vector is when the attacker simply e-mails the trojan to the user along with a social engineering hack that convinces the user to run it against their better judgment. |
| Reference Link | More Information |
| Attack | Name:lani Manual Removal: Follow these steps to remove Iani from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake. 1. Stop Running Processes: iani_server.exe systemroot+\system\msnetctl32.exe 2. Remove Files: iani_server.exe systemroot+\system\msnetctl32.exe |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.