I got a backdoor.nibu virus tonight, but fortunately it didn't get far as my virus checker caught it before it could finish configuring itself. It's a worm that basically logs your keystrokes and sends them back to the host. It also disables access to the virus websites via writing to the HOST file in your windows directory. Nasty little sucker, but easy to get rid of. This one didn't really match exactly any of the strains, so it might be a new one, but one of it's tell tale marks is a file called prntk.log in your windows directory where it keeps the keystrokes you make. The link below is to Symantec's directory of all of them (A-H) as there seems to be files written from a few of them, but mostly G.
http://www.symantec.com/search/
and typein backdoor.nibu in the search box.
http://www.symantec.com/search/
and typein backdoor.nibu in the search box.
