Re: [WinMac] PWSTEAL Trojan horse.

Subject: Re: [WinMac] PWSTEAL Trojan horse.
From: Brian Durant (durant[at]cbn.net.id)
Date: Thu Apr 11 2002 - 12:10:04 EDT

• Next message: Wilcox, Curtis: "RE: [WinMac] PWSTEAL Trojan horse."
• Previous message: Wilcox, Curtis: "RE: [WinMac] PWSTEAL Trojan horse."
• In reply to: Wilcox, Curtis: "RE: [WinMac] PWSTEAL Trojan horse."
• Next in thread: Wilcox, Curtis: "RE: [WinMac] PWSTEAL Trojan horse."
• Reply: Brian Durant: "Re: [WinMac] PWSTEAL Trojan horse."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 11 April 2002 22:36, Wilcox, Curtis wrote:
> Here's more information.
> http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=W97M_GOGA.A&
>V Sect=T
>
> This page explains what the "hacker tool" DIALPWD.exe does.
> http://spywin.security-on.net/step.php

Thanks Curtis,

So if I understand this correctly, the trojan horse was in a Word macro/file
and the purpose was to get passwords for dialup connections. I assume the
purpose was to kidnap or zombie a/some servers or simply to get free Internet
time. The question is how do I get rid of the .exe file and do I need to do
any registry editing?

Cheers,

Brian

*** Windows-MacintoshOS Cooperation List ***
FAQ: http://www.darryl.com/winmacfaq/
Archive: http://www.darryl.com/winmac/

To unsubscribe, send mail to winmac-unsubscribe@iffy.com

• Next message: Wilcox, Curtis: "RE: [WinMac] PWSTEAL Trojan horse."
• Previous message: Wilcox, Curtis: "RE: [WinMac] PWSTEAL Trojan horse."
• In reply to: Wilcox, Curtis: "RE: [WinMac] PWSTEAL Trojan horse."
• Next in thread: Wilcox, Curtis: "RE: [WinMac] PWSTEAL Trojan horse."
• Reply: Brian Durant: "Re: [WinMac] PWSTEAL Trojan horse."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Thu Apr 11 2002 - 12:06:34 EDT