Welcome to the Virus Encyclopedia of Panda Security.
It attacks certain security tools, such as antivirus programs and firewalls, belonging to several companies. It attemps to download a file to the computer.
|First detected on:||Sept. 19, 2005|
|Detection updated on:||Sept. 20, 2005|
|Yes, using TruPrevent Technologies
Mitglieder.EW is a Trojan that attacks several security tools, such as antivirus programs and firewalls belonging to different companies, if they are installed on the affected computer:
- It deletes entries of the Windows Registry that store several configuration options.
- It stops services associated to those programs.
- It ends processes belonging to applications that provide updates for antivirus programs.
Mitglieder.EW attempts to download a file called OSA6.GIF from different web addresses, and then runs it.
Mitglieder.EW does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
Mitglieder.EW is easy to recognize once it has affected the computer, as it opens the Notepad program when it is run, but without displaying any text.