This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects activity of Backdoor.Destover.
When the Trojan is executed, it creates the following file:
%SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\Startup\[THREAT FILE NAME]
The Trojan then connects to the following IP addresses and ports:
188.8.131.52 on TCP port 443
184.108.40.206 on TCP port 443
The Trojan may then perform the following actions:
-Change files' time stamps
-Execute commands through cmd.exe
-List running processes
-Gather system information
- Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP