Forum Home
Press F1
Thread ID: 9182	2001-05-12 05:58:00	virus	Guest (0)	Press F1

Post ID	Timestamp	Content	User
12490	2001-05-12 05:58:00	i have a virus in 3 files calledW32.Badtrans.13312@mm it has gotton into wins=inetd.exe wins=system\kren32.exe wins=system\hksdll any help would be great thanks guys	Guest (0)
12491	2001-05-12 06:46:00	It comes as an email attachment and installs a trojan programme on your comp. Get a anti-virus programme and a firewall and don't open unexpected attachements. Email back asking if sender sent attachment. I use InoculateIt and Zone alarm.(both free to download). The AV prog should detect the virus an be able to ge rid of it(hopefully)and a firewall should make you fairly anonymous on the Net an stop unauthourised programmes(ie trojans) passing informatio into or out of your comp. HIH	Guest (0)
12492	2001-05-12 07:07:00	Also known as W32/Badtrans-A, 32/Badtrans@MM, BadTrans, IWorm_Badtrans, I-Worm.Badtrans, and TROJ_BADTRANS.A. When the worm is executed, it drops the backdoor Trojan Hkk32.exe in the \Windows folder, and then executes it. It then copies itself into the Windows folder as inetd.exe, adds a run= line to the Win.ini, and displays an error message. The next time that the computer is rebooted, the worm will wait for 5 minutes, then it will use MAPI to find all unread email messages and reply to all of them. The worm will attach itself to the email. The first thing is to do a virus scan using up-to-date virus definitions. If you don't own AntiVirus software go to http://www.trend.com and run their free Housecall online virus scan. If they have not been already removed, delete inetd.exe and hksdll.exe, these are files created by the virus and should be removed immediately. If there are any other files that can not be repaired by your virus scanner, delete them and resore them from back up disks. Edit c:\windows\win.ini using notepad and remove the entry run=c:\windows\inetd.exe Further information on this virus and how to remove it can be found at: www.symantec.com	Guest (0)
1