|
Network Services November 4, 2009 If user shoots an enemy character, a file or folder in user's home folder will be deleted. When the user character is destroyed, the game ends, and the Trojan sends the user's score to the following server, then deletes itself from the compromised computer: [http://]www.stfj.net/loselose/highsc[REMOVED] Other Info: OSX_LOSEGAM.A, OSX.Loosemaque What to do: Don’t open this file, if you have done so please contact BDS ASAP so we can manually delete this from your computer. Trojan Whitewall It can receive configuration data through social networking Web sites. When the Trojan is executed, it creates the following file: %Temp%\setup.exe. It also drops the following file, which is a copy of cmd.exe: %Temp%\runinfo.exe. The Trojan then creates the following registry entry, so that it starts when Windows starts:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"MCAFEEIPS" = "%UserProfie%\local settings\temp\setup.exe". The Trojan contacts the following domains: What to do: Make sure you have an active running firewall, anti virus program, if you think you have been infected please call BDS ASAP.
|
