Tuesday, July 26, 2011

Computer hackers often do what they do for fun, or just because they can ...

July 24, 2011

Did you know that certain viruses and trojans are deliberate and can give certain unscrupulous persons access to your computer? Computer hackers often do what they do for fun, or just because they can. That is, they invade and disrupt the systems and Web sites of companies and organizations, either to create a little random havoc or for motives of malice or profit.

Everyone who surfs the net should have anti-virus and anti-spyware software. This software will alert you to malicious viruses and give you instructions on what to do. There are certain forums that should be avoided when it comes to "catching" a virus. A lot of sites with advertising are notorious. When you do get a virus, write down the name and pertinent information (time, location, web sites visited) and send it to computer tracking professionals (more info at link). Most times, the identity and source location can be determined. From there the information goes to Washington's headquarters and is filed until there is enough information to form a case.

Watch out for this one on competitive sites: Backdoor:Win32/Cycbot.B

It is a backdoor trojan that allows attackers unauthorized access and control of an affected computer. After a computer is infected, the trojan connects to a specific remote server to receive commands from attackers. The commands may include instructing the trojan to update itself, visit web links, or download and execute arbitrary files.

Cycbot (sometimes called Cycbot.b or Win32/Cycbot.B) is a Trojan/Backdoor that infects PCs and gives hackers remote access or plants fake antivirus programs on infected PCs. This sort of trojan is one of the possible reasons for search engine redirection, when your search results are filtered or replaced, or you are redirected to harmful websites. Thus Cycbot infections are something you should be concerned about: while the parasite itself will not destroy your PC or steal information directly, it can provide enough access for other applications or people to do so. There are a couple of versions of Cycbot: Cycbot.B and Cycbot.AC are noticed quite often.

In the second case the programs are malicious. Process Explorer can help detect the location of a particular process.

The malware creates the following files on an affected computer:

c:\documents and settings\administrator\application data\microsoft\stor.cfg
c:\documents and settings\administrator\application data\microsoft\windows\shell.exe
c:\documents and settings\administrator\local settings\temp\dwm.exe

These files store configuration and logging information for the malware.
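
A check for the three files listed above, as an added example that is not from the original post or the Microsoft write-up. It assumes the same relative paths can appear under any user profile, not only "administrator"; the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile

# Profile-relative paths from the list above (profile prefix dropped).
ARTIFACTS = [
    r"application data\microsoft\stor.cfg",
    r"application data\microsoft\windows\shell.exe",
    r"local settings\temp\dwm.exe",
]

def _resolve_ci(base, parts):
    """Follow parts below base, matching names case-insensitively."""
    current = base
    for part in parts:
        try:
            names = os.listdir(current)
        except OSError:  # unreadable, or a file where a directory was expected
            return None
        match = next((n for n in names if n.lower() == part.lower()), None)
        if match is None:
            return None
        current = os.path.join(current, match)
    return current if os.path.isfile(current) else None

def find_cycbot_artifacts(profiles_root):
    """Return (profile, artifact, full_path) for each listed file found."""
    hits = []
    for profile in sorted(os.listdir(profiles_root)):
        base = os.path.join(profiles_root, profile)
        for artifact in ARTIFACTS:
            found = _resolve_ci(base, artifact.split("\\"))
            if found:
                hits.append((profile, artifact, found))
    return hits

def build_sample_tree(root):
    """Constructed sample data: a clean profile and one holding two artifacts."""
    os.makedirs(os.path.join(root, "alice", "Application Data", "Microsoft"))
    temp = os.path.join(root, "Administrator", "Local Settings", "Temp")
    cfg = os.path.join(root, "Administrator", "Application Data", "Microsoft")
    for folder, name in ((temp, "dwm.exe"), (cfg, "stor.cfg")):
        os.makedirs(folder)
        open(os.path.join(folder, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        for profile, artifact, path in find_cycbot_artifacts(root):
            print(f"{profile}: {artifact} -> {path}")
```

On a machine laid out like the paths above, the directory to pass as `profiles_root` is `c:\documents and settings`. A hit is a reason to investigate the file further, not proof of infection by itself.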

Payload

Allows backdoor access and control

Backdoor:Win32/Cycbot.B allows unauthorized access and control of an affected computer. It does so by connecting to one of a number of web servers, which may respond with commands for it to execute. It may also send status information to these servers.

Examples of servers used by the malware include the following:

An attacker can perform any number of different actions on an affected computer using Backdoor:Win32/Cycbot.B.

This could include, but is not limited to, the following actions:

- Download and execute arbitrary files
- Update itself
- Stop running
- Visit web links, possibly to collect money from pay-per-click advertising
- Modify system settings
- Run or terminate applications
- Delete files

Find more information at http://www.microsoft.com/security/portal/Definitions/ADL.aspx

Internet-related crime, like any other crime, should be reported to appropriate law enforcement investigative authorities at the local, state, federal, or international levels, depending on the scope of the crime. Citizens who are aware of federal crimes should report them to local offices of federal law enforcement.

Reporting Computer Crime
Reporting Intellectual Property Crime
http://www.cybercrime.gov/reporting.htm#cc