Virus Database

Trojan.PSW.LdPinch

Description Trojan.PSW.LdPinch

This family of Trojans steals user passwords.
When launching, the Trojan writes the following value to the system registry.
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
putil = %windir%\%file name%
This ensures that the Trojan will be run every time the system is started.
It then copies itself to the Windows folder, and launches itself from there, deleting the original file.
The Trojan harvests information about the system (operating system, configuration etc.) and passwords for a range of services and applications, including RAS, POP3, IMAP, ICQ, FTP etc.
The information collected is encoded using MIME (Base64) and sent to the Trojan's author by email, using an SMTP server with an IP address which is coded in the Trojan's body.

Check other viruses! Be aware! Use Antiviral Software

Easy.200.a

Description Easy.200.a

It's a harmless memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM-files that are executed. It contains the internal text string: "Easy!".

EasyRider.2108

Description EasyRider.2108

It is not a dangerous memory resident stealth parasitic virus. It hooks INT 8 (timer), traces and hook INT 21h and writes itself to the end of COM and EXE files that are accessed. The virus infects files on floppy disks and network drives only. The only file on local computer is infected - it is the COMMAND.COM file.
The virus disinfects the COMMAND.COM on opening a file with names A-DINF-*.* (stealth). The virus also switch off its stealth function when the files are executed:
NDD, SCANDISK, CHKDSK, PKZIP, ARJ, LHA

The INT 8 handler periodically "shakes" the screen.
The virus contains the text strings:
[21st Century man]
Easy Rider ,Ni+eM/|re

Home