Cancer trollware virus

Cancer virus belongs to the programs that many people call trollware or crapware. These programs are, actually, made to have fun, or to protest against something, or are a form of expression. Usually, the developers of suchlike viruses are young hackers that want to be famous among other web-scammers, but we think that in this case the developer is pretty experienced. We say so because the structure of this malware is pretty complex, all tracks are very well hidden, and it is very difficult to remove Cancer from the system. In this article we will describe Cancer malware, all its functions and possible weak spots.

What is Cancer malware?

First of all, we should say that Cancer doesn’t do anything to your PC or files. We mean that it don’t encrypt, change or delete the information. Most likely, Cancer isn’t the ransomware, unless it will demand payment for self-deletion, but for now it doesn’t. So, what’s the point this all? Virus penetrates user’s PC and starts from the request to http://hostingonline.desi/register.php?ref=3625708941 web-address. The script that is responsible for this connection is broken, so it displays an error. We don’t think the hackers accidentally added the broken script to their new virus, so we think that it’s a method to cover up the tracks.

The second step for Cancer is to find and shut down all processes that night pose danger. So, it just looks for the processes that contain the words from the following list and ceases their work:

Avg, av, avast, avira, alarm, anti, antivirus, cheat, cheatengine, clam, cloud, comodo, dbg, debug, defend, dumpcap, engine, vmtools, SandboxieRpcSs, regshot, SandboxieDcomLaunch, Sandboxie, OllyDbg, IDAq, quard, malware, secure, immunity, shark, spy, hunter, qihoo, nod, f-secure, secur, protect, idaq, strike, falcon, norton, monitor, zone, kasp, malwarebytes, panda, eset, root.

Such method of detection is pretty rough, and some antiviral tools might run despite this “shield”, but hackers made most of decent and well-known anti-viruses unable to remove Cancer virus. When everything is set up, the virus is sure that no program can remove it, renames C-drive of your PC to CANCERRRRRRRRRRRR, and starts the show.

How it works?

When Cancer starts functioning user can instantly understand it. The computer becomes completely useless in one second: you barely can look at the screen, not to mention working on it. The windows begin twisting and turning from left to right and upside down, their size changes from full-screen mode to little mini-windows. Programs are running by themselves, and after that suddenly close. Except that, virus plays the annoying music and shows weird pictures that jump all over the screen like grasshoppers. This is enough to make any user worry, but except that virus closes an access to all files. An important thing is that Safe mode doesn’t help to stop this mess. Some elements disappear, like the jumping pictures and music, but all files are still changed and you can’t launch them.

It’s sad to say but for now we can’t advise any steps to remove Cancer virus from your PC. it is pretty complicated and needs much efforts to crack it. The good thing is that many famous malware researchers as MalwareHunret team and BleepingComputer team are up to fight the Cancer virus, so we can only hope that soon there will be decent instruction for manual removal.

This website uses cookies to improve your experience. If you continue using the site, we will assume that you accept our cookies policy.