Main Menu
Home
Bookmark
Contact Us

Categories
  Adware
  Adware Bundler
  AOL Exploit
  Backdoor
  Browser Hijacker
  Browser Plug-in
  Commercial Key Logger
  Commercial Remote Control
  Cookie
  Dialer
  E-Mail Flooder
  Hostile ActiveX Control
  ICQ Exploit
  Joke Program
  Key Logger
  Loader
  Low Risk Adware
  Misc
  Nuker
  P2P
  Password Hijacker
  Potential Privacy Risk
  Potentially Dangerous Tools
  RAT
  Search Hijacker
  Security Disabler
  Spyware
  Stealth Notifier
  Surveillance
  Toolbar
  Trojan
  Trojan Downloader
  Trojan FTP
  Trojan Telnet
  Viruses
  Worm
 


 
Worm.P2P.SpyBot. Viruses Information

Name: Worm.P2P.SpyBot.
Category: Viruses
Description: Details
Worm.P2P.SpyBot.a
SpyBot is a peer-to-peer worm with backdoor capabilities that can also spread via computers infected with some Backdoor programs. The worm is a Windows PE EXE file that is written in Visual C++.
Installation
While installing itself the worm copies itself to the Windows system directory and sets the Hidden attribute for its copy. This file is then registered in the system registry in the following auto-run key entries:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun
HKLMSoftwareMicrosoftWindowsCurrentVersionRunOnce

On Windows 9x machines the worm hides itself from the task list.
SpyBot also tries to kill some firewalls and anti-virus programs.
Spreading
During the installation process, SpyBot copies itself to the kazaabackupfiles subdirectory in the Windows system directory and registers it as a subdirectory for Kazaa shared files.
Additionally, upon request by the worm's master (controller), the worm searches the Internet for hosts infected with the malicious programs Backdoor.Kuang and Backdoor.SubSeven and uploads itself to these hosts.
Backdoor
The backdoor routine allows a remote master (person or people controlling the worm's backdoor functions) to perform the following actions:
get detailed computer information including the names of the running processes
steal cached passwords in Windows 9x
download a file from a Web site
delete, rename, or execute a file
perform DoS attack on remote computer
scan ports and IP addresses
Other
The SpyBot worm can run a hidden HTTP server on infected machines. It also establishes a keyboard spy (code that records all key strokes a user makes on an infected machine) and, upon its master's request, sends the log file of all keyboard actions to the master.



Top Viruses Visited Pages:
Invader. - 241 visits
not-a-virus:RiskWare.Tool.RegPatch. - 73 visits
Worm.P2P.Harex. - 67 visits
not-a-virus:RemoteAdmin.Win32.RAdmin.2 - 60 visits
Small.58. - 56 visits
Coito.64 - 54 visits
I-Worm.Mapson. - 48 visits
Win32.Hidra - 43 visits
Win16.Klon.1177 - 42 visits
Marine.500 - 35 visits

Random Viruses Pages:
Pray Famil
Macro.Word.MinSiz
Macro.Word97.Mam
I-Worm.Pla
Jenifer famil
MtE.Pogu
Saboteur.139
Macro.Word97.Blaste
DiskFille
Geliyor.135


 

© 2006-2008 spyware32.com - Privacy Policy