javacool
March 3rd, 2002, 03:43 PM
From Panda Anti-Virus Software
Not quite as famous as the Britney virus, but people are falling for them in steadily increasing numbers...
{QUOTE->
VBS/Numgame sends itself out to every contact in the infected computer's Address Book in an e-mail with an attached file called "GuessGame.html" or "GuessGame.vbe". This worm also modifies several Registry entries and deletes some folders (among them Programs, Windows\System32 and Program Files) It also eliminates files with the following extensions: Sys, Dll, Ocx, Cpl, Dat, Com, Exe, Cab, Ini, Inf, Vxd, Drv, Doc, Xls, Mdb, Ppt, Mp3, Jpg, Txt, Htm, Html, Hta, Asp and Aspx. Once this is complete, in order to hide its activiies on the system, the worm displays a game in which the user must guess a number between 1 and 100.
Backdoor/NetThief.19 is a remote access Trojan that allows a computer that is connected to an IP network to be controlled from another system without the user realizing. The Trojan is contained in a compressed executable file with the format modified UPXv1.08 or modified ASPack, depending on whether it is a client or server program. Backdoor/NetThief.19 copies itself to the Windows directory and inserts a key in the Windows Registry. Finally, Backdoor/NetThief.19 allows certain network parameters of the infected computer to be displayed (IP address, connection port, name of the machine on which the server is run, etc) and carries out other actions that include creating, deleting, copying and modifying files.
For further information about these and other viruses, visit Panda Software's Virus Encyclopedia at the following address:
http://www.pandasoftware.com/library/
<-QUOTE}
Not quite as famous as the Britney virus, but people are falling for them in steadily increasing numbers...
{QUOTE->
VBS/Numgame sends itself out to every contact in the infected computer's Address Book in an e-mail with an attached file called "GuessGame.html" or "GuessGame.vbe". This worm also modifies several Registry entries and deletes some folders (among them Programs, Windows\System32 and Program Files) It also eliminates files with the following extensions: Sys, Dll, Ocx, Cpl, Dat, Com, Exe, Cab, Ini, Inf, Vxd, Drv, Doc, Xls, Mdb, Ppt, Mp3, Jpg, Txt, Htm, Html, Hta, Asp and Aspx. Once this is complete, in order to hide its activiies on the system, the worm displays a game in which the user must guess a number between 1 and 100.
Backdoor/NetThief.19 is a remote access Trojan that allows a computer that is connected to an IP network to be controlled from another system without the user realizing. The Trojan is contained in a compressed executable file with the format modified UPXv1.08 or modified ASPack, depending on whether it is a client or server program. Backdoor/NetThief.19 copies itself to the Windows directory and inserts a key in the Windows Registry. Finally, Backdoor/NetThief.19 allows certain network parameters of the infected computer to be displayed (IP address, connection port, name of the machine on which the server is run, etc) and carries out other actions that include creating, deleting, copying and modifying files.
For further information about these and other viruses, visit Panda Software's Virus Encyclopedia at the following address:
http://www.pandasoftware.com/library/
<-QUOTE}