x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Mitglieder.BO

Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Mitglieder.BO
Technical name:Trj/Mitglieder.BO
Threat level:Low
Type:Trojan
Effects:  

It attacks certain security tools, such as antivirus programs and firewalls, belonging to several companies. It downloads a file to the computer.

Affected platforms:

Windows XP/2000/NT

First detected on:March 1, 2005
Detection updated on:March 7, 2005
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies

Brief Description 

    

Mitglieder.BO is a Trojan that heavily attacks several security tools, such as antivirus programs and firewalls belonging to different companies, if they are installed on the affected computer:

  • It deletes key files belonging to them from the affected computer.
  • It deletes the entries in the Windows Registry that allow them to be activated whenever Windows is started.
  • It stops services associated to those programs.
  • It also ends processes belonging to the applications that provide updates for antivirus programs.
  • It prevents access to the websites of their companies.

Every six hours, Mitglieder.BO attempts to download a file from different web addresses. This file is detected by Panda Security as  Downloader.BBN.

This Trojan also downloads and runs the worm Bagle.BN.

Mitglieder.BO is installed by a dropper type malware, which injects the executable file WINSHOST.EXE into the system process EXPLORER.EXE. This dropper is distributed via e-mail by the worm Bagle.BN itself.

Visible Symptoms 

    

Mitglieder.BO is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.