|
|
|
Top 10 malware reported to Sophos in March 2000
This section helps you to understand how it behaves
Note: Some people are getting confused between this Trojan horse and the Hey
You virus hoax.
This is a memory resident AOL password stealing Trojan that installs itself
in \windows\system\mine.exe, \windows\uninstallms.exe and \msdos98.exe.
It also writes a file \windows\system\readme.txt containing the text:
"Did you like it? Write Back ok?".
While resident in memory the Trojan interferes with Winzip, and sometimes
doesn't let regedit run. It also can make Windows fail to shut down.
This Trojan has been seen attached to an email with the subject line "hey
you" and the text:
hey i finally got my pics scanned..theres like 5 or 6 of them..so just
download it and unzip it..and for you people who dont know how to then
scroll down..tell me what you think of my pics ok?
if you dont know how to unzip then follow these steps
When you sign off, AOL will automatically unzip the file, unless you have
turned this feature off in your download preferences.
If you want to do it manually then
On the My Files menu on the AOL toolbar, click Download Manager.
In the Download Manager window, click Show Files Downloaded.
Select my file and click Decompress.
|
|
|
This webpage is optimized for 800 x 600 monitor resolution or above and
the latest web browser. |
|
|
