W32.Bender.1363


Aliases: Virus.Win32.Bender.1363, Win32.Bender.1363, PE_BENDER.1363, W32/Bender.1363, Win32.Bender.1363 
Variants: W32/Bender, Win32.NGVCK.2404, Win32:Bender, Win32/Small.1363 

Classification: Malware
Category: Computer Virus

Status: Inactive
Spreading: Moderate
Geographical info: North America, South America, Asia, some parts of Europe
Removal: Hard
Platform: W32
Discovered: 20 Aug 2002
Damage: Medium

Characteristics: The malware W32.Bender.1363 is a virus that affects almost all Windows Operating System platforms. This virus is a PE virus or portable executable which is the standard executable format used in 32-bit Windows OS files.

More details about W32.Bender.1363

Once the W32.Bender.1363 malware enters a compromised machine, it will infect a file such as ‘example.exe’ in the event that the file is located in the same folder that the virus is located in. The virus will insert its viral code in the first segment of the infected file. The infected file’s original bytes will then be appended to its last segment along with other 173 arbitrary bytes from the memory. This virus inserts its viral code into Windows files so that it will also be run when the compromised files are accessed by unsuspecting users. The PE virus W32.Bender.1363 may also be capable of opening a backdoor utility in the compromised machine. This backdoor utility will open ports that will permit remote hackers to take control of the infected computer system. Normally, files compromised by PE viruses can be cleaned and restored to their immaculately clean conditions. However, the process of restoring compromised computer systems will necessitate procedures other than scanning the system with an antimalware application.

To remove the W32.Bender.1636 virus with the use of an antivirus application, first step is to update its virus definitions and close the system’s modem connections. Next, a full system scan should be completed and all files associated with the virus should be deleted upon detection. Delete all values added to the registry by the virus as well. Before editing the registry however, make sure to make a backup copy to avoid further damage to the registry.