Web site designer from Michigan provides web site designer tips and advice for your website projects. We can help you discover the search engines and how to get in them. Our search engine optimization experts will layout a website design with your specific market in mind. Then, after carefully considering the best keywords for your website, they will assemble a highly targeted website, one that is easy for Yahoo and Google crawlers to find and follow. It is this attention to detail that sets Netcorp, Inc. www.thenetcorp.com in Michigan apart from the rest of the crowde. We want you to succeed, so we help build your site with the search engines in mind right from the start. Website design from Netcorp, Inc. is available throughout Michigan and around the United States and everywhere in the World. Have Netcorp, Inc. build your website today.Web site design and Website designer in Michigan explains how wesite design can help your business flourish. We explain website design,l search engine optimization, and ecommerce to you in a way that allows you to feel comfortable with your knowledge. Michigan is a technology state and we're a leader in website design, search engine optimization and ecommerce. Whether your business is in Michigan, another state, or International, Netcorp, Inc. can help your business succeed online. We're a leading website designer from MichiganSearch engine optimization and promotion from web site design designer in Michigan explains how website design can help your business explode. We explain search engine optimization from a web site designers perspective and help optimize your site for important search engines like Google. Search engine optimization and promotion in Michigan. Whether your business is in Michigan, another state, or another country, Netcorp, Inc. can help your business succeed online with it's own high-end web site. We're a leading web site designer from Michigan
eCommerceWeb Site DesignWebsite ServicesFREE Website QuoteTestimonialsPortfolioChoose Netcorp!About Us
Trojan Horse Protection for real estate from Netcorp, Inc. Michigan. Michigan Real Estate Trojan Horse Protection has the experience you need to get the Real Estate Trojan Horse Protection that pushes your Real Estate business to the front of the pack. Trojan Horse protection detection anti virus

Backdoor-CGT

Backdoor-CGT (SS) - How to protect your computer from this risk and other Worm, Virus and Trojan Horse attacks.

The Trojan program, called Backdoor-CGT, is a new form of a Trojan horse installed after e-mail recipients using Microsoft Outlook follow a Web link embedded in an e-mail message. The Trojan horse is believed to have infected thousands of systems on the Internet since appearing early Tuesday, even though antivirus software and up-to-date versions of Outlook are immune to attack, according to Maksym Schipka, senior antivirus researcher at MessageLabs in the U.K.

Trojan Horse Causes Spam Volume Jump

MessageLabs received more than 3600 e-mail messages with links to the Trojan horse during a two-hour period early Tuesday, the result of a massive and uncharacteristic spam distribution more than ten times what is normal for such a program, Schipka says. Trojan horse programs give remote attackers access to or control over machines on which they run, and often run unnoticed by computer users, or pose as legitimate software applications.

The Backdoor-CGT Trojan uses a "multistage" attack to place malicious code on victims' computers. After clicking on an e-mail link embedded in the spam message, victims go to a series of Web sites, each of which carries out one stage in the attack. The attack takes advantage of a now-patched flaw in Outlook called the "IFRAME" exploit to hide the Trojan Horse Protection redirections from the user and silently download and install the Backdoor-CGT program, Schipka says.

Once installed, Backdoor-CGT selects a communications port at random and opens it, creating a back door on infected systems that is used to communicate with a server on the Internet supposedly controlled by those behind the attacks. The website used by the compromised machines is registered in the.biz Web domain to an individual in the Czech Republic and was still online, though slowed by heavy traffic, on Tuesday, he says.

Anti Virus Weapons

Antivirus product vendor McAfee has also released an advisory about the new Trojan program, also known as "SS." The company has updated its virus definition files to detect the new Trojan program. However, McAfee's Tuesday bulletin rates the virus "low," indicating it does not pose a great threat to either home or business users.

Other antivirus companies did not immediately respond to requests for information about Backdoor-CGT. It is not clear whether other companies are aware of it, or whether other antivirus software programs can spot the new malicious program.

However, before the Trojan program can be downloaded and installed, the attackers try to place a common version of another program, called a "dropper," that antivirus programs can spot, thwarting infections, Schipka adds.

Microsoft Outlook users are advised to apply the latest software patch for the product to prevent infection, he says.

To help protect your computer against a wide variety of security threats, see Worm, Trojan Horse and Virus - Protect Your PC.

This information is from McAfee Anti Virus, Worm, and Trojan Horse Protection

-- Update July 13th 2004 -- The risk assessment of this threat has been upgraded to Low-Profiled due to media attention at:

http://www.theinquirer.net/?article=17190

BackDoor-CGT is referred to as SS trojan within the article. Detection of this Trojan is included in the Daily DATs, and will be included in the next scheduled weekly release. Please see the removal instructions for a link to the EXTRA.DAT packages.

This detection is for a backdoor trojan that is likely to be installed after viewing an email message that has recently been spammed out. A script within the email message results in a script dropper (detected as VBS/Inor ) being executed on the victim machine. This dropper writes and executes the following binary, which is the backdoor trojan:

SS.EXE (15,360 bytes) When run, the following files are installed on the victim machine:

  • %SysDir%\dss.dll (3,072 bytes) - launcher for the trojan
  • %SysDir%\dssa.dll (3,072 bytes) - restores trojan from backup
  • %SysDir%\ss.dat (15,360 bytes) - backup of the trojan (slightly modified)
  • %SysDir%\ss.exe (15,360 bytes) - copy of the trojan

    The dropped DLLs are detected as BackDoor-CGT.dll with the specified DATs. The backup of the trojan is not a simply copy. Instead, some conversions have been performed (altering ascii case, reversing nulls and spaces etc). The backup is detected as BackDoor-CGT.bak .

    The following Registry keys are added to hook system startup:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ ShellServiceObjectDelayLoad "ss" = {0C5647C2-06B8-4BDD-842E-6929B0BC5833}
  • HKEY_CLASSES_ROOT\CLSID\{0C5647C2-06B8-4BDD-842E-6929B0BC5833}\ InProcServer32 "(Default)" = dssa.dll

    When running, the backdoor trojan opens a random port on the victim machine. A notification is sent to the hacker (IP address, port number) via HTTP. Probably in an attempt to bypass software firewall, the trojan launches Internet Explorer (IEXPLORE.EXE ) to send this HTTP traffic.

    To block the outgoing notification (and prevent the download of the trojan in fact), administrators should block HTTP access to the following domain:

    genmexe.biz

    Indications of Backdoor-CGT SS Infection

  • Random port number unexpectedly open on the machine
  • Existence of the files and Registry keys detailed above

    Backdoor-CGT SS Methods of Infection

    This trojan is likely to be received after receiving a spammed out email message, which results in running a script dropper on the victim machine. This dropper drops and executes the SS.EXE binary to the machine.

    Backdoor-CGT Removal Instructions

    All users: AVERT considers this to be a low risk threat.

    Detection is already included in the Daily DAT files (beta). - Please visit www.McAfee.com to get anti-virus protection.

    The following EXTRA.DAT packages are being made available prior to the regularly scheduled weekly DAT release (working with EXTRA.DAT files).

    EXTRA.DAT

    SUPER EXTRA.DAT

    Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher). (The EXTRA.DAT does not include complete removal of added Registry keys.)

    Additional Windows ME/XP removal considerations

    Backdoor-CGT Aliases

    SS.EXE, Trj/Xebiz.A (Panda)

    Sasser Worm Protection, Anti Virus Software, Computer Network Security solutions provided by companies on the right hand side of this page. Please contact professional computer and Internet Security Experts if you have any questions or concerns about Email Virus protection, Worm Protection, and Trojan Horse Protection.

    		• Trojan Horse Protection Virus Protection



    Content Management
    News and Information
    Search Engine Optimization
    Contact Us
    Website Content Management gives you the power to make changes to your site without risk to your website framework. Our web based content management system allows you to make all the changes you want and it won't cost you a penny more.

    Website Content management software gives you control of your website content without risk to your web site framework. Now content management is easier and more flexible than ever.

    Our Website content management system is also available with full featured ecommerce functionality!

    Website Content management and Ecommerce in a complete, easy to use package. This should be YOUR solution for managing your web site content!
    Hurricane Katrina Information

    NEWS RELEASES:
    eCommerce Website News eCommerce
    Search engine marketing fees 2005

    Learn why our clients save on average over $3000.00 a year on website design and maintenance using our content management solutions.

    Backdoor-CGT (SS) Trojan Horse Protection.

    Protect yourself from MyDoom and other security tips.

    FRAUD ALERT! - Gold Mine Sweepstakes Lottery

    Sasser Worm Protection

    Get Netsky Worm Protection

    We provide ecommerce website design and website design services to advertising and marketing agencies, independent webmasters, and other organizations.
    eCommerce
    Hurricane Katrina Information

    Tsunami Disaster Relief
    Search Engine Facts
  • 80% of users visit first 2 search pages.
  • Google accounts for 35% of search traffic, Yahoo - 28%, AOL - 16%, MSN - 15%, and the rest - 6%.


    • Link Popularity and Search Engine Optimization Advice

    Search Engine Optimization - Must Read!

    Yahoo, Google primed for search war.

    American Blind Sues Google in NYC

    Explaining Google PageRankā„¢
    Small Business Web Design inquiries, please Click Here!

    Medium and Large Business Web Design inquiries, please Click Here!

    Ecommerce Support

    Website Support

    Telephone
    National: (888) 544- 4700

    Michigan: (248) 349- 6281

    Netcorp, Inc.
    World Headquarters
    MICHIGAN
    United States of America
    eCommerceWeb Site DesignWebsite ServicesFREE Website QuoteTestimonialsPortfolioChoose Netcorp!About Us
    Copyright © 2002 Netcorp Inc. All rights reserved. link partners - request link exchange - More partners - DMCA Notice