We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Backdoor:Win32/Nuwar.A!ini
Detected by Microsoft Defender Antivirus
Aliases: Puper (McAfee) TrojanDownloader:Win32/Zlob (Microsoft) Worm-Win32/Nuwar!ini (Sunbelt Software)
Summary
Backdoor:Win32/Nuwar.A!ini is a configuration file used by Backdoor:Win32/Nuwar.A!sys. The file is dropped by Backdoor:Win32/Nuwar.A!sys, and contains a list of peers to connect to, as well as other information pertaining to the Trojan’s distributed peer-to-peer network.
The file itself is not malicious, rather it is an indication of infection by Win32/Nuwar.
Backdoor:Win32/Nuwar may download and install additional malicious software, thus manual removal is not recommended. To detect and remove this Trojan and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, visit http://www.microsoft.com/athome/security/downloads/default.mspx.
Follow us
