CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer
image Beware!: New Internet bug attacks administrator/password logins image
Bug Alert

A new virus called Nick has begun infecting the registries of computers with login settings established as Administrator and passwords set as Password. Once inside, the virus establishes a File Transfer Protocol site for spam relay and storage.





By Carlos A. Soto
GCN Staff
May 14, 2003

The name of the bug appears to be Nick because that word appears frequently in the script files. The virus initiates when a user clicks X or OK to close a spam box that randomly opens on screen. To see whether your Microsoft Windows system is infected, go to Windows Registry Edit, or regedit, from the Start-Run menu options. Under regedit, click on software, Microsoft, Windows, current version, Run. Delete all Hidden 32 files. These steps were tested in a Windows 2000 Advanced Server environment and might need adjustment depending on your Windows operating system.

Article source...
GCN.com


Posted on Wednesday, 14 May 2003 @ 13:04:59 UTC by cj (4128 reads)
[ Trackback ]		image

"Beware!: New Internet bug attacks administrator/password logins" | Login/Create an Account | 1 comment | Search
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: New Internet bug attacks administrator/password logins (Score: 1)
by jaykaykay  on Thursday, 15 May 2003 @ 20:38:50 UTC
(User Info | Send a Message)
There seems to be nowhere else aside from this one article that anyone can find anything about this little bad boy. See http://www.broadbandreports.com/forum/remark,6851639~root=security,1~mode=flat. We (I am) are stymied as to what it is, where it is, and why it is that nobody else has even heard of this. Any clues?


 
Login
spacer
Nickname

Password

Security Code: Type Security Code: Usage signifies AUP acceptance
· New User? · Click here to create a registered account.
block bottom
Related Links
spacer
· del.icio.us!
· digg it!
· reddit!
· TrackBack (0)
· Microsoft
· Microsoft
· HotScripts
· W3 Consortium
· Spam Cop
· More about Bug Alert
· News by cj

Most read story about Bug Alert:
Attacked by the Downloader virus
block bottom
Article Rating
spacer
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent
block bottom
Options
spacer

Printer Friendly Page  Printer Friendly Page
block bottom
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
215ppm 0.119s (0.008s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer