Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Dec 1st, 2008, 7:59pm
   Mischel Internet Security Forum
   Malware
   Trojans (Moderators: Helena, Gavin_Coe, Magnus)
   A whole bunch of warnings... enjoy!		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: A whole bunch of warnings... enjoy!  (Read 346 times)
Ian
Stole All the Forum Stars
********



Good things come to those who wait ...

   


Posts: 2913
A whole bunch of warnings... enjoy!
« on: Oct 8th, 2003, 9:05pm »		 Quote Quote  Modify Modify
Trojans - Hatoy.A, Petala.A and six variants of Istbar.
Worms - Dozer.A, Simbag.A and Holar.I.  
 
Hatoy.A reaches computers when users access a malicious web page. To do this it exploits the 'Object type' Microsoft Internet Explorer vulnerability, which allows files in certain pages to be run locally. Once it is executed, and when users try to access certain search engines, Hatoy.A redirects them to an IP address that could host different pages.  
 
Petala.A, is a backdoor Trojan that spreads across networks and IRC. This malicious code could give hackers remote access to the computer with which they could use IRC commands in order to copy files, terminate processes, etc., thus compromising confidential data and interfering with the use of the PC.
 
The B, C, D, E, F and G variants of the Istbar Trojan install spyware and dialers on the computer without users knowledge. They also display different screens with advertising for pornographic websites and add a toolbar to the Internet Explorer browser.
 
The worm Dozer.A sends itself to all MSN Messenger contacts in the compromised PC. In order to trick users, it sends itself in an e-mail, which claims to contain a patch for MSN Messenger sent by Microsoft. However, when this file is run, a false error message is displayed to confuse the victim. Dozer.A creates various Windows registry keys and intercepts and terminates antivirus and firewall processes.  
 
Simbag.A also spreads via MSN Messenger, sending a copy of itself to all contacts it finds. It also creates links to different erotic websites and generates the following files in the Windows directory: SMB.EXE, ADMAGIC.EXE, TEST.TXT, SM.DLL, RAW32X.DLL and UZ.EXE.
 
Finally, Holar.I spreads via e-mail and the KaZaA file sharing program. It changes the home page of Internet Explorer and when it has run more than thirty times it disables the mouse and the keyboard.
IP Logged
... but crap arrives pretty much straight away.
claire
Stole All the Forum Stars
********



carpe diem

   


Gender: female
 Posts: 3479
Re: A whole bunch of warnings... enjoy!
« Reply #1 on: Oct 8th, 2003, 10:20pm »		 Quote Quote  Modify Modify
Thanks for the info Ian.Posted to Computercops( with credit to you of course Wink)
IP Logged
Claire
Ian
Stole All the Forum Stars
********



Good things come to those who wait ...

   


Posts: 2913
Re: A whole bunch of warnings... enjoy!
« Reply #2 on: Oct 8th, 2003, 10:48pm »		 Quote Quote  Modify Modify
And Panda Labs, too, since they're good withthe head's up on this stuff Wink
 
I'm still not getting let in there (who was that shouting 'too right'??), but for now I'll bide my time and see if a new system build can fix the issues with this PC.
« Last Edit: Oct 8th, 2003, 10:51pm by Ian » IP Logged
... but crap arrives pretty much straight away.
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register