Jump to content
Washington Football Team Logo
Extremeskins

Virus Info I just Received


StevieInferior

Recommended Posts

Guys,

A member of my IT dept just came up and advised me of a potentially dangerous virus. What they have found out is that it records keystrokes and sends it off to the internet. This is dangerous because if you have logged onto on-line banking or preformed credit card transactions, your numbers could potentially be in someone's hands for identity theft. To see whether you have it go to My Computer. Then Windows (possibly WINNT at work). You may have to click show Files to view elements. Then go into System32. Looke for an executable titled NTOSA32.exe. If you have this file, you have the virus. At this time there is no fix and you can not delete it. SO be careful with senstive info.

Link to comment
Share on other sites

Thanks for the heads-up...

I was worried, because someone might actually log in to extremeskins, and use my screenname to wreak havoc on the site...

Like maybe a Cowboys fan might crack into my screenname and starting spreading bogus threads...

Maybe I would have woken up one morning only to find that I have a clown as an avatar!!!!AHHHHHH!!!!!

So, err....thanks for helping me avoid that situation.

Link to comment
Share on other sites

There are a lot of hoax viruses out there too. Someone will pick an obscure file that is on everyone's Windows folder and send out word that it's a virus and tell everyone to erase it. I've seen that happen a couple of times in the past year.

I did a google search and got no hits on NTOSA32, but there is an NTOSA-5630 web page with a bunch of gibberish on it.

This either will make the list of viruses in Symantec's data base soon, or will make the list at some of the hoax virus debunker's sites.

Or maybe the IT person who found this is mistaken. Time will tell.

Link to comment
Share on other sites

Guys, this has been known for a couple of days.

There's a removal tool for it here:

http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.anig.removal.tool.html

Here's the information on the virus itself:

http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.anig.html

Defs are expected for this on Wednesday as it's Category 2 and Symantec doesn't release defs until Category 3 normally, unless they are worried about faster rising -- like the latest MIMAIL.

This is a relatively minor virus. There are hundreads of keylogger trojans out there. This is just another and is based on a string of similar viruses in the HLLW family.

Link to comment
Share on other sites

THere are three potentially bad trojens out there that are set up to flood some web server that is slamming Linux. I heard this on tech-tv. ----:rolleyes:---I was just flipping through alright....

Anywho, that's alot of alerts in a short period. it would be wise for us to get updates for the OS and new virus defs just to be safe, and don't f*ck with random attatchments!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! :hammer: :hammer:

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...