Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

BACKDOOR.SMALL.KBV

 

 

Name: Backdoor.small.kbv

Added: November 28, 2011

Type: Backdoor

Risk: Low

Payload: N/A

At risk systems: Windows 95/98/ME/XP/NT/2003

 

 


 

 

Description:

 

When Backdoor.small.kbv is executed, it drops the following files:

%Windir%\system32\16584
%Windir%\system32\ipsecstap.dat
%Windir%\inf\1.txt
%Appdata%\ws2help.PNF
%Appdata%\msvcr.dll
%Appdata%\IECheck.exe
%Userprofile%\Start Menu\Programs\Startup\Internet Explorer Security Check.lnk

It also modifies the file %Windir%\system32\netstat.exe.

It then tries to connect to various domains and remote web servers:

testX.33XX.org.XX
74.82.63.102
216.XXX.207.XXX
172.16.XX.XX & remote port 80
115.XXX.188.XXX & remote port 8080
0.0.0.0 & remote port 80

 

 

 

 

 

 

 