Virus name |
Summary |
Detail |
W32 / Bereb-B |
W32 / Bereb-B is a computer worm that functions as a Trojan. W32 / Bereb-B can listen to commands on special IRC channels. Nickname |
W32 / Bereb-B is a peer-to-peer worm, capable of cloning into pieces shared startup in the Windows directory under many different names, including: - To startup items can be turned into shared folder , W32 / Bereb-B will add the values to the registry at the following address: HKCUSoftwareKazaaLocalContentDir0 = & lt; path to the startup directory & gt; W32 / Bereb-B will also clone to the Windows directory with the name svckernell.com The and create registry keys at the following address so that it can be activated when the computer starts: HKLMSoftwareMicrosoftWindows - W32 / Bereb-B is a backdoor trojan that infects IRC channels, and can listen for commands on special IRCs. - W32 / Bereb-B creates the file library.dat in the WinMx directory under the Program Files folder. This file is not dangerous and can be deleted. & nbsp; |
Troj / Eyeveg-C |
Troj / Eyeveg-C is a trojan that allows hackers to access and gives full control over infected computer. |
- Troj / Eyeveg-C is a password-stealing Trojan that works in Windows environment. - To be able to run automatically every time Windows starts, Troj / Eyeveg-C clone to a file with a random name in the system directory (Windows) and add the registry keys associated with this file. - Troj / Eyeveg-C will also clone into the Windows startup folder. - Troj / Eyeveg-C collects system and password information and sends it to a web site. & nbsp; |
W32 / Netsky-M |
W32 / Netsky-M is a "deep bomb", capable of replicating itself and spreading to addresses collected from infected computers. |
- W32 / Netsky-M is a self-replicating "worm" and spread by address collected from infected computers. - W32 / Netsky-M copies itself to the Windows directory under the name AVPROTECT9X.EXE The And to make sure the worm can be activated when the computer boots, W32 / Netsky-M will add the registry values to the following address: HKLMSoftwareMicrosoftWindows - W32 / Netsky-M collects e-mail addresses from files with the following extensions: & nbsp; HTML, EML, TXT, PHP, VBS, RTF, UIN, ADB, TBB, DBX, ASP, WAB, DOC, SHT E-mail infected W32 / Netsky-M carry the following characteristics Headline Re: <recipient_name> Requested file Current message: Attachments (with an extension of ".pif") <recipient_name> & nbsp; |