Fighting Spyware, Malware and Adware one File at a Time.
Navigation Links

Database of Spyware Home

About the Project

View the Database

Forums

Database of Spyware Site Map

Terms of Use

Callgate

Overview

Vendor Description

 From the doc: 'Run any Ring 0 code from a WIN32 application on Windows NT Callgate is a mechanism of controlled ring transfers (privilege level transfers) on INTEL processors. There are ways to implement callgate mechanism under Windows 3.1 and Windows 95. Refer to MSDN articles 'Run Privileged Code from Your Windows-based Programs Using Call Gates' by Matt Pietrek (MSJ May 1993) for Win3.1 implementation. Refer to PHYS program in Matt Pietrek's excellent 'Windows 95 System Programming Secrets'. We are providing here an equivalent mechanism under Windows NT 3.51 and 4.0. We provide the reader with an API, driver and a DLL to directly try out this mechanism. This is the best known mechanism to execute privileged instructions WITHOUT having to write a NT kernel mode device driver. You can directly link with our general purpose DLL and execute Ring 0 code.'

Alias

 Win95/Henky.Adonai.A.Callgate!Tr [Computer Associates],

Category

 Exploit: A way of breaking into a system. An exploit takes advantage of a weakness in a system in order to hack it. Exploits are the root of the hacker culture. Hackers gain fame by discovering an exploit. Others gain fame by writing scripts for it. Legions of script-kiddies apply the exploit to millions of systems, whether it makes sense or not. Since people make the same mistakes over-and-over, exploits for very different systems start to look very much like each other. Most exploits can be classified under major categories: buffer overflow, directory climbing, defaults, Denial of Service.

 

Origins

 

Author

 Prasad Dabak & Sandeep Phadke & Milind Borate

Date of Origin

 April, 1997
 

Detection and Removal

Manual Removal

 Follow these steps to remove Callgate from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.

 Stop Running Processes:

Kill these running processes with Task Manager:



Unregister DLLs:

Unregister these DLLs with Regsvr32, then reboot:



Remove Files:

Remove these files (if present) with Windows Explorer:



 
Calimocho  Call991Trojan  CallOnlineTwo  Call_Batch  Caller-IDSpecifications  Callgate  CallingCardDialer1.00  CallingCardNumberGenerator0.1b  Calserver.c  CamGirlsLive  
 
Site Map 2006 © Copyright DatabaseofSpyware.com. All rights reserved. Terms of Use
Another Proud Thor Schrock Development