Velocity Reviews - Computer Hardware Reviews

jdbgmgr.exe hoax

 
 
Patrick
Guest
Posts: n/a
 
      08-30-2003
John wrote:
> So I shouldn't open emails from anyone I know? Might as well pull the
> plug!


If you don't protect your computer then it could be taken over by anyone or
anything (without your knowledge).
Your machine could then be used by others for heaven knows what.
This would result in you being blamed and thus having 'the plug pulled' by
your IP.


 
 
 
 
 
longshotjohn7
Guest
Posts: n/a
 
      08-31-2003
DaveW wrote:
> "slumpy" <(E-Mail Removed)> wrote in message
> news:bipv8b$c6nb9$(E-Mail Removed)-berlin.de...
>> > If he does it a second time, THEN you can dissect his balls to see if

> he has any brains,


http://www.symantec.com/avcenter/(E-Mail Removed)

I pasted the following into a text pad as I was searching my machine.....

Then, it adds the following set of strings to assume the P2P shared folder:

\KMD\My Shared Folder
\My Shared Folder
Lite\My Shared Folder
\My Grokster
\Shared
\Incoming

Then, it drops the following copies:

The Lost Jungle.mpg.exe
The Matrix Reloaded Trailer.jpg.exe
Replacement Killer 2.avi.exe
Trailer DOOM III.exe
WinZip9Beta.exe
WhatIsGoingOn.exe
NokiaPolyPhonic.exe
TNT.exe
Dont Eat Pork SARS in there.exe
About SARS Solution.doc.exe
TIPS HOW TO CRACK SYMANTEC SERVER.txt.exe
VISE MINDVISION.exe
Uninstal.exe
WindowsSecurity Patch.exe
Hide Your Mount.exe


Patch - jdbgmgr.exe


NEW POWERTOY FOR WINXP.exe
Generate a Random PAssword.exe
OfficeXP.exe
Ripley Believe It Or Not.exe
Anacon The Great.exe
New Variant.exe
SMTP OCX.exe
DialUp.pif
Lost YourPassword.txt.exe
Hack In 5 Minute.exe
Get Lost.exe
Oh Yeah Babe.exe
Sucker.exe
MSWINSCK.OCX.EXE
Downloader.exe
HeavyMetal.mp3.exe
JackAndGinnie.exe
RosalindaAyamor
fxanacon.com
GetMorePower.exe
Hacker HandBook.exe
Dincracker eZine.exe
La Intrusa.exe
Porta.exe

Next, it sends the following information to the email address, chatzqat
phreaker.n et which most possibly belongs to the malware author:

EXE Backdoor Name
Operating System
Internet Explorer Version
Windows Directories
System Directories
Current Screen Resolution
Current Time
IP Address
Current Port Number
UserName
ComputerName
Cached Password: (For Win9x/Me Only)
Host
Drive(s)
Type of Drives
ICQ UINs
Sound Card

For this notification routine, the worm uses the smtp.phreaker.net mail
server to send email.



Overwriting Files

There are indications that this worm intends to deface the infected user's
Web site. When the current infected system has an installed IIS, the worm
creates a certain file named ANADF.TXT.BAT, which overwrites the following
files:

DEFAULT.ASP
DEFAULT.HTML
DEFAULT.HTM
INDEX.HTML
INDEX.HTM
INDEX.ASP

It overwrites these files with the following strings:

WARNING! YOUR WEB SERVER HAS BEEN HACKED BY ANACON MELHACKER.
Anacon G0t ya! By Melhacker - dA r34L #4(k3R!.

There are also codes suggesting that the worm deletes all
log files in the root directory of C: and D:.


As of this writing, however, this routine did not successfully replicate in
actual tests.

Other Details

The worm also attempts to download a file named AnaconIV.exe in the URL:

h t t p : \ \ <BLOCKED>x.org/~melhacker





--
longshotjohn 7

http://www.smartgroups.com/groups/hot2trot


The world is a dangerous place, not because of those who do evil, but
because of those who look on and do nothing. --Albert Einstein
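
Added example (not part of the original thread or of the advisory text pasted into it): a Python check a defender could run over a user profile to flag executables sitting in the P2P share folders listed in the post, separating plain executables from double-extension names such as `.jpg.exe`. The folder names come from the list above; the two extension sets are assumptions chosen for this example.

```python
import os

# Extensions Windows runs on double-click (a subset assumed for this example).
EXECUTABLE_EXTS = {".exe", ".pif", ".scr", ".com", ".bat", ".cmd"}
# Media/document extensions used as decoys in the dropped names quoted above.
DECOY_EXTS = {".mpg", ".jpg", ".avi", ".mp3", ".doc", ".txt", ".ocx"}
# Final path components of the share folders named in the quoted write-up.
SHARE_DIR_NAMES = {"my shared folder", "my grokster", "shared", "incoming"}


def classify(filename):
    """Return 'double-extension', 'executable', or None for a bare file name."""
    stem, ext = os.path.splitext(filename.lower())
    if ext not in EXECUTABLE_EXTS:
        return None
    # With "hide extensions for known file types" on, only the stem is shown,
    # so "Trailer.jpg.exe" is displayed as "Trailer.jpg".
    inner_ext = os.path.splitext(stem)[1]
    return "double-extension" if inner_ext in DECOY_EXTS else "executable"


def scan_shares(root):
    """List executables found at or below any P2P share folder under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        parts = os.path.relpath(dirpath, root).lower().split(os.sep)
        if not SHARE_DIR_NAMES.intersection(parts):
            continue  # not inside a share folder, ignore
        for name in files:
            verdict = classify(name)
            if verdict:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append((rel, verdict))
    return sorted(findings)


if __name__ == "__main__":
    import sys
    for path, verdict in scan_shares(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{verdict:17} {path}")
```

Run it with the directory to scan as the only argument; anything reported as `double-extension` inside a share folder deserves a closer look before it is opened.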


 