|
|
SUBSIM: The Web's #1 resource for all submarine & naval simulations since 1997
|
SUBSIM: The Web's #1 resource for all submarine & naval simulations since 1997 |
09-01-06, 03:53 PM
|
#1 |
|
The Old Man
Join Date: May 2004
Location: Sutton Coldfield England
Posts: 1,540
Downloads: 305
Uploads: 0
|
Your Order For Spy Doctor .......
is here and $79 has been debited from your account. Click here etc etc.
Yeah right! This is what the email called spy doctor attempts to install in your system: The Small.coy trojan downloader belongs to a family of known primitive trojan downloaders that have a download URL encrypted in the end of their files. The URL to this particular trojan downloader (smsender.exe file) was spammed in e-mails to a large number of addresses. When downloaded and run by a recipient the trojan downloader attempts to download and activate a file named installer2.0.26.exe from a website hosted in Canada. The downloaded file is detected as 'Trojan-PSW.Win32.Agent.fy' and it is technically a trojan dropper. Once activated, it drops a DLL file and registers it as a component of Internet Explorer. This DLL file is the main spying component and it is activated when Internet Explorer is run. The spying component collects and sends out the following data:
__________________
> > Captain!, there's a destroyer on the por........ periscope is flooded Sir! > Darkness is only the absence of Light; Ignorance is only the absence of knowledge © www.worldwartwo.uk www.captainwalker.uk |
|
|
|
09-01-06, 04:36 PM
|
#2 |
|
Soaring
 Join Date: Sep 2001
Location: the mental asylum named Germany
Posts: 42,616
Downloads: 10
Uploads: 0
|
White letters on light grey background...
__________________
If you feel nuts, consult an expert. |
|
|
|
|
09-01-06, 05:05 PM
|
#3 |
|
Admiral
 Join Date: Oct 2004
Posts: 2,247
Downloads: 4
Uploads: 0
|
If you highlight the text to read it your computer will be infected, that's what is written. Now excuse me, I have to reformat my hard-drive to get rid of this trojan.
__________________
"Tout ce qui est exagéré est insignifiant." ("All that is exaggerated is insignificant.") - Talleyrand |
|
|
|
|
09-01-06, 05:56 PM
|
#4 | |
|
Lucky Jack
 Join Date: Jan 2006
Location: Down Town UK
Posts: 27,695
Downloads: 89
Uploads: 48
|
Quote:
 here we go again, highlight the text just to read it.
__________________
Dr Who rest in peace 1963-2017.  To borrow Davros saying...I NAME YOU CHIBNALL THE DESTROYER OF DR WHO YOU KILLED IT! 
|
|
|
|
|
|
09-01-06, 08:43 PM
|
#5 |
|
Eternal Patrol
 Join Date: May 2004
Location: Aeoteroa
Posts: 7,382
Downloads: 223
Uploads: 1
|
Yeah i caught a trogan a week ago from downloading a ultility of that download.com site which is usually safe. My antivirs/spyware didn't detect anything then when i went to install all hell broke loose and my pc's came to a standstill, webbrowsing, opening folders etc., was so slow, i would get on startup a window popping up saying a program is asking you to dial in to google.com???
Reformatted. |
|
|
|
|
09-02-06, 11:32 AM
|
#6 | |
|
Ocean Warrior
 Join Date: Feb 2003
Location: Connecticut, USA.
Posts: 2,794
Downloads: 29
Uploads: 0
|
Quote:
|
|
|
|
|
|
09-02-06, 12:27 PM
|
#7 |
|
Sea Lord
 Join Date: Dec 2003
Posts: 1,898
Downloads: 0
Uploads: 0
|
When you get infected apart from reformatting what else can you do?
|
|
|
|
|
09-02-06, 12:39 PM
|
#8 | |
|
Silent Hunter
 Join Date: Mar 2005
Location: Germany
Posts: 3,668
Downloads: 4
Uploads: 0
|
Quote:
Last edited by Gizzmoe; 09-02-06 at 12:42 PM. |
|
|
|
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
