I-WormBadtransII

Discussion in 'malware problems & news' started by Detox, Mar 14, 2002.

Thread Status:
Not open for further replies.
  1. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Nasty thing was on my parents computer when I visited them the last couple days. I was looking in Trojancheck 5 and saw a funny DLL running.. they had big problems with their Norton and had no AV running do I grabbed the free AVG and found Badtrans.. AVG healed one file and that was it... I looked up Badtrans at Sophos and found that it drops a password stealing trojan, but I could find no trojans with TDS-3 or Trojancheck. I did find the file that the Sophos description said this trojan logs keytstroke information to in WIN/System and deleted it. This finally brings me to my 2 questions :)

    1. When AVG healed the fine (I guess win.inito_O)
    did that clear up the trojan as well?

    2. The file that keystrokes were logged to (and I deleted) ... was it created by the trojan and I did a good thing or was it a system file that gets altered and I did a bad thing?
     
  2. FanJ

    FanJ Guest

    Hi,

    Go to http://www.wilders.org/downloads.htm
    and download/install/run pqremove.exe
    reboot and run it again
    what does it say?
     
  3. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    ah I can't... I'm near Austin and my folks live in Laredo, and they're away from home until the day after tomorrow so I'll hafta talk my mother through that on the phone and see what happens. When I do I will post the results!
     
Loading...
Thread Status:
Not open for further replies.