Any Info On These Badboys?

Discussion in 'malware problems & news' started by JimIT, Jun 5, 2003.

Thread Status:
Not open for further replies.
  1. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    While scanning an infected w98 box, (w32/Hybris) F-Prot for DOS found 5 files which it identified as a malicious or "backdoor" program. The files were random characters, such as ACJJFPRC.ACE, etc.

    Found in c:\windows\system

    Can't find any info on these.

    Any ideas?

    TIA
     
  2. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    For some info on w32/Hybris, have a look here:

    http://vil.mcafee.com/dispVirus.asp?virus_k=98873
    and here
    http://www.pandasoftware.es/library/gusano/W32Hybris_EN_1.htm

    All I know about ".ace" extention, is that it is related to the Winace program(type of zip file).

    HTH, Jade.
     
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Please email me a copy, submit@diamondcs.com.au :)
     
  4. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    Gavin,

    F-Prot was set to "kill". It hosed 'em all. :doubt:

    If it's any help, NAV03 running in Windows did not detect them--only the Hybris infection. F-Prot caught them in a DOS scan.
     
Thread Status:
Not open for further replies.