Panda Softwareâ€™s weekly report on viruses and intrusions

This week in the traditional report by PandaLabs, we will review three trojans: Banker.HIK, Wsnpoem.AW and Dadlam.A. Banker.HIK belongs to the widespread category of â€œbank trojansâ€, and is designed to steal information entered by users in online forms, mostly belonging to Brazilian banks such as Banco do Brasil and CEF. The trojan opens false windows, in which users enter their bank information, which will then be fully available to those controlling the trojan. Banker.HIK also monitors traffic of visiting certain Web pages, thus expanding the scope of its actions to gather more information. This trojan copies itself into the folder â€œStartup Windowsâ€ and is called logon.exe, due to which it has an opportunity to be started every time you reboot the system. One of the distinguishing characteristics of Banker.HIK is that it gives a message with the text â€œSocket Error # 11004, thus it becomes easier to detect. The Wsnpoem.AW trojan also steals passwords. The malicious code erases all cookies on a computer to induce users to manually typing of all web addresses to which it can be accessed directly from the address bar. Wsnpoem.AW also makes changes in the registry, and creates new files in Windows startup, which makes it possible to start every time you reboot, along with the computer. The trojan Dadlam.A. This keylogger-troyan is of average risk to computers. The trojan hides in a video-file and when started shows a videotape of sexual content in order to distract the user. In addition, Dadlam.A changes the boot.ini file and creates a task, making the computer to restart at 6:00. The most dangerous thing of Dadlam.A is that it has two malicious programs. The first of these, IRCbot.ASM, operates as a backdoor, scanning all ports on the computer to find out which one is easiest to penetrate. Second, Downloader.OBW loads on an infected computer other malware. Dadlam.A can not extend itself, in order to do so it requires some users action, so it falls into the system through traditional channels, it retrieves another malware, or is leaded form some malicious webpage ... Anyone wishing to find out whether their computers were infected with these or other harmful programs can take TotalScan, free online solution, which can be found at : http://www.pandasoftware.com/totalscan. You can also take beta NanoScan (www.nanoscan.com), an online scanner that identifies all active Malware on the computer in less than 60 seconds.