Virus alerts for April 2006
We stock the most efficient antivirus program, which checks for updates hourly.
Contact Us for a free antivirus trial to the end of this month.

Most recent malware, computer viruses, worms, Trojan horses, spyware and adware:
Backdoor.Naninf.E - BKDR_BREPBOT.A - Infostealer.Yohokie - Trojan.Slapew - Backdoor.Haxdoor.M - Infostealer.Sealoln - Downloader.Booli.A - Trojan.Mdropper.J - Bloodhound.Exploit.74

June 16 2006
Backdoor.Naninf.E

Backdoor.Naninf.E is a Trojan horse with back door capabilities that lowers security settings on the compromised computer.

Also Known As: BKDR_BREPBOT.A [Trend]

Damage - Payload: Opens a back door on the compromised computer.

When Backdoor.Naninf.E is executed, it performs the following actions:

1. May copy itself as the following file:
   %System%\svchon32.exe
   Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

2. Adds the value:
   "ProtocolModuleCmd"="svchon32.exe"
   to the registry subkeys:
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

3. Creates the mutex "svchon32.exe" so that only one instance of it runs on the compromised computer at any one time.

4. Attempts to bypass the Windows Firewall by creating the following temporary .bat file, which adds the Trojan executable file to the list of trusted applications for the firewall:
   %Temp%\[RANDOM NAME].bat
   Note: %Temp% is a variable that refers to the Windows temporary folder. By default, this is C:\Windows\TEMP (Windows 95/98/Me/XP) or C:\WINNT\Temp (Windows NT/2000).

5. Attempts to end the following processes, some of which may be security-related:
   * winzip.exe

6. Attempts to open a back door by connecting to an IRC server at one of the following domains, on TCP port 8080:
   * 163.1.213.194

7. Connects to an IRC channel and listens for commands.
These commands typically allow the remote attacker to perform various unauthorized actions on the compromised computer. It is reported that these actions include:
   * Downloading and executing remote files

Malware is software designed to infiltrate or damage a computer system, without the owner's consent. The term is a combination of "mal-" (or perhaps "malicious") and "software", and describes the intent of the creator, rather than any particular features. Malware is commonly taken to include computer viruses, worms, Trojan horses, spyware and adware. In law, malware is sometimes known as a computer contaminant. Malware should not be confused with defective software, that is, software which has a legitimate purpose but contains errors or bugs.

Most Prevalent Global Malware: Backdoor.Naninf.E

June 10 2006
Infostealer.Bancos

Infostealer.Bancos is a generic detection for various threats that steal passwords entered into forms in Web browsers.

Note: Definitions prior to May 10, 2006 may detect this threat as PWSteal.Bancos.

Also Known As: PWSteal.Bancos

* Payload Trigger: Often triggered by visiting a financial Web site.

Our antivirus programs use Infostealer.Bancos as a generic detection when detecting many individual but varied password stealing programs. Infostealer.Bancos variants steal passwords to financial Web sites by either:
   * Displaying fake browser windows that look like the sign in pages for legitimate financial Web sites.

In these cases, a generic detection is used because it protects against many password stealers that share similar characteristics.

Most Prevalent Global Malware: W32.Nopir.D
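
The host changes listed above for Backdoor.Naninf.E (the svchon32.exe copy, the ProtocolModuleCmd Run value and the firewall trusted-application entry) can be checked against saved reg query output. The following is an added example, not part of the original alert or of the vendor's product. The sample output is constructed, and the function names and the Windows XP firewall AuthorizedApplications\List key are assumptions that do not come from the page.

```python
import re
from ntpath import basename

# Indicators from the Backdoor.Naninf.E description on this page.
IOC_VALUE_NAME = "protocolmodulecmd"
IOC_FILE_NAME = "svchon32.exe"
RUN_SUFFIX = r"\software\microsoft\windows\currentversion\run"

# Constructed sample of `reg query` output, not captured from a real host.
# The second key (Windows XP firewall trusted-application list) is an assumption.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    VMware Tools    REG_SZ    "C:\Program Files\VMware\vmtoolsd.exe" -n vmusr
    ProtocolModuleCmd    REG_SZ    svchon32.exe

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
    C:\WINDOWS\system32\svchon32.exe    REG_SZ    C:\WINDOWS\system32\svchon32.exe:*:Enabled:svchon32
    C:\Program Files\mIRC\mirc.exe    REG_SZ    C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
"""
VALUE_LINE = re.compile(r"^\s{4}(.+?)\s{4}(REG_\w+)\s{4}(.*)$")

def parse_reg_query(text):
    """Yield (key, value_name, value_type, data) from `reg query` text output."""
    key = None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_LINE.match(line)):
            yield key, m.group(1), m.group(2), m.group(3).strip()

def executable_in(data):
    """Return the lower-cased file name of the program named in a value."""
    if data.startswith('"'):
        path = data[1:].split('"', 1)[0]  # quoted path, arguments follow
    else:
        m = re.match(r"(.+?\.(?:exe|com|bat|scr|pif))\b", data, re.I)
        path = m.group(1) if m else data.split(" ", 1)[0]
    return basename(path).lower()

def find_naninf_indicators(text):
    """Return (key, value_name, reason) for entries matching the description."""
    hits = []
    for key, name, _type, data in parse_reg_query(text):
        if key.lower().endswith(RUN_SUFFIX) and name.lower() == IOC_VALUE_NAME:
            hits.append((key, name, "Run value name ProtocolModuleCmd"))
        elif IOC_FILE_NAME in (executable_in(name), executable_in(data)):
            hits.append((key, name, "references svchon32.exe"))
    return hits
```

These names only cover the variant described here; a renamed copy will not be flagged, so an empty result does not show that a host is clean.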