Nasty virus I cam across today...
#1
Called BadTrans
Infects via an email attachment which can be any one of the following:
Card.pif
docs.scr
fun.pif
hamster.ZIP.scr
Humor.TXT.pif
images.pif
New_Napster_Site.DOC.scr
news_doc.scr
Me_nude.AVI.pif
Pics.ZIP.scr
README.TXT.pif
s3msong.MP3.pif
searchURL.scr
SETUP.pif
Sorry_about_yesterday.DOC.pif
YOU_are_FAT!.TXT.pif
Once triggered it splits intself into 3 parts.
One called INETD.EXE is triggered by the win.ini. (located in windows folder)
One called KERN32.exe which is a trojan. (located in windowssystem folder)
Last one is the worst, called HKSDLL.DLL - its a keylogger which is capable of recording keypresses (like credit card info) into a file. The file is then transmitted back to the author.
Nasty or what ?
More info at
Infects via an email attachment which can be any one of the following:
Card.pif
docs.scr
fun.pif
hamster.ZIP.scr
Humor.TXT.pif
images.pif
New_Napster_Site.DOC.scr
news_doc.scr
Me_nude.AVI.pif
Pics.ZIP.scr
README.TXT.pif
s3msong.MP3.pif
searchURL.scr
SETUP.pif
Sorry_about_yesterday.DOC.pif
YOU_are_FAT!.TXT.pif
Once triggered it splits intself into 3 parts.
One called INETD.EXE is triggered by the win.ini. (located in windows folder)
One called KERN32.exe which is a trojan. (located in windowssystem folder)
Last one is the worst, called HKSDLL.DLL - its a keylogger which is capable of recording keypresses (like credit card info) into a file. The file is then transmitted back to the author.
Nasty or what ?
More info at
#2
Scooby Senior
Clever little b'stard isn't it. Hope everyone here practices safe hex.
If anyone here needs Antivirus advice feel free to ask.
Jack Clark
McAfee/Dr Solomon's
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by DazV:
<B>
Card.pif
docs.scr
fun.pif
hamster.ZIP.scr
Humor.TXT.pif
images.pif
New_Napster_Site.DOC.scr
news_doc.scr
Me_nude.AVI.pif
Pics.ZIP.scr
README.TXT.pif
s3msong.MP3.pif
searchURL.scr
SETUP.pif
Sorry_about_yesterday.DOC.pif
YOU_are_FAT!.TXT.pif[/quote]
If anyone here needs Antivirus advice feel free to ask.
Jack Clark
McAfee/Dr Solomon's
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by DazV:
<B>
Card.pif
docs.scr
fun.pif
hamster.ZIP.scr
Humor.TXT.pif
images.pif
New_Napster_Site.DOC.scr
news_doc.scr
Me_nude.AVI.pif
Pics.ZIP.scr
README.TXT.pif
s3msong.MP3.pif
searchURL.scr
SETUP.pif
Sorry_about_yesterday.DOC.pif
YOU_are_FAT!.TXT.pif[/quote]
Thread
Thread Starter
Forum
Replies
Last Post
Mattybr5@MB Developments
Full Cars Breaking For Spares
28
28 December 2015 11:07 PM
Mattybr5@MB Developments
Full Cars Breaking For Spares
12
18 November 2015 07:03 AM