Win32/Boonana.A.3

Created: 2010-11-16, 16:37:39
Last updated on: 2010-11-16, 16:37:39

Platform: Win32
Type: trojan
Size: 18944
Date: 2010-10-27

Endangered operating system(s): Windows 95, Windows 98, Windows Me, Windows NT, Windows 2000 all...
Non-endangered operating system(s): Windows 3.xx, DOS, Linux, Unix, Solaris all...

Naming

Different antivirus applications use different names for individual viruses and worms. Sometimes an antivirus application identifies different copies of the same malware under different names, or identifies different viruses and worms under the same name. The informative list below contains the names given to this malware by the most popular antivirus applications. The names can vary between versions of the same antivirus application.

Antivirus          Naming
Avast              Win32:Boonana
AVG                Downloader.Generic10.AEZK
Avira              TR/Agent.AQTM
BitDefender        Trojan.Agent.AQTM
e-Trust            Win32/Boonana.A
F-Secure           Trojan.Agent.AQTM
Ikarus             Trojan-Dropper.Agent
Kaspersky          Trojan.Win32.Agent.fyhz
McAfee             Generic Downloader.z
NOD32 (ESET)       Win32/Boonana.A
Microsoft          TrojanDownloader:Win32/Boonana.A
Norton Antivirus   Trojan Horse
Rising Antivirus   Trojan.Win32.Generic.5246E929
Sophos             Troj/Agent-PDY
Trend Micro        TROJ_DLOADR.WGA
VirusBuster        Trojan.Boonana.C

Installation

The main purpose of viruses and worms spreading on the Internet and local networks is to infect other computers. After infection, the malware can modify the system so that its code is launched after a reboot. For this purpose malware usually creates files in the operating system's area and modifies the registry, so that the operating system executes the malware code as well. It may also create files in other areas (directories) of the file system. Viruses and worms may also create AUTORUN.INF files in the root directories of drives; in that case, with the default settings of Windows, the malware is executed automatically once the user opens the root directory of that drive.

The Win32/Boonana.A.3 trojan creates the following files:

  • C:\Documents and Settings\tester\.jnana\cplibs.zip
  • C:\Documents and Settings\tester\.jnana\cplib_x86_win.klf
  • C:\Documents and Settings\tester\.jnana\cplib_x86_osx.tnw
  • C:\Documents and Settings\tester\.jnana\jnana.tsa
  • C:\Documents and Settings\tester\.jnana\jnana.pix
  • more...


Backdoor

Viruses and worms increasingly open backdoors on the attacked computer, allowing the attacker to take full control of the machine. The attacker can then do whatever s/he wants on the computer: run or stop programs and applications, upload or download files, steal passwords and access codes.

The Win32/Boonana.A.3 trojan opens a backdoor on random TCP port(s).