Backdoor.Tripod
Description Backdoor.Tripod
This backdoor program obtains a file from the Internet and spawns it on a victim's machine in hidden mode. Upon being run, the backdoor copies itself to Wthe indows system directory with the IESTUB32.EXE name and registers itself in system registry in the auto-run section:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun
It then, depending on the current date, loads the file WELCOME.GIF from http://members.tripod.com Web site, stores it in the Windows temporary directory with the UNINST32.EXE name and spawns it. The UNINST32.EXE program's behavior is unknown and depends only on a backdoor author's needs.
Check other viruses! Be aware! Use Antiviral Software
Gle.848
Description Gle.848
It is a dangerous memory resident virus that by standard way infects every started 10th EXE-file. It hooks INT 21h. On December, 24th it displays the text: "Gleîileg jól" and stops any file execution.
Glemp.877
Description Glemp.877
It's a dangerous not memory resident parasitic virus. It searches for .COM-files and writes itself to their ends. It contains the internal encrypted text string:
*.com
C:DOSCOMMAND.COM
On September, 1st and November 1st it decrypts and displays the message and then erases the disk sectors:
HUJ GLEMP and his fucking
friends formatting Your Hard Disk NOW !
Podziekuj pierdolonemu kosciolowi.
|