Author: Marc D
Date: 16:43:34 05/23/05
Go up one level in this thread
On May 23, 2005 at 19:23:06, Michael Diosi wrote: >On May 23, 2005 at 19:13:15, Marc D wrote: > >>On May 23, 2005 at 18:46:02, Michael Diosi wrote: >> >>>Hello, >>> >>>Could please someone explain me how Fafis can be affected by a virus. This virus >>>doesn't replace any .exe files and it creates and affects two files: >>>taskgmr.exe and hellmsn.exe. Just wondering how it got inside the Fafis file ? >>> >>>This is wahtr the virus does: >>> >>>http://securityresponse.symantec.com/avcenter/venc/data/w32.mytob.bc@mm.html >>> >>>Thanks in advance, >>> >>>Michael >> >>Hi >> >>From what i understand the virus affects the compression of an executable >>file.If executed it drops the file >>%Temp%\C27D8FEF-D7AE-42c0-82E6-F30598265639.exe besides the other mentioned >>files. >>It is a very intelligent worm. >> >>Best >>Marc > >In the distribution, of the Fafis 2.0 it is not a separate file, it is inside >the code of Fafis.exe. How did it get there ? It doesn't affect any other exe in >my understanding. Only creats two taskgrm.exe and hellmsn.exe which then make >two *.scr files. So how did it get there ? Still wondering... > >Best, > >Michael Its a trojan called Clean.A which will be dropped after executing the fafis.exe file. This trojan surely affects exe files and can then carry even some worm code. Marc
This page took 0.01 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.