Tuesday, April 5, 2011
I got a "different" kind of email from what I "thought" was DHL-USA.
It said it was to tracking information for a package sent to me.
Being that I do use DHL ... I thought nothing of it.
But, it was strange that it was in a ZIP file (many business owners don't know how to handle a ZIP).
Now, the RED flag should have been ... there was a exe file inside ... bude.exe
What was interesing was that it installed itself at this path
and was Hidden on the files Running List in Win7 PRO.
Well, I knew it was trouble when it tried to go outside my Firewall to the Internet.
Short story ... I reported the virus ... my AntiVirus on a Quick scan did not detect it!
After I reported the issue ... a UPdate was done ... and when I scanned it "then" caught it.
It seems to look for User info and Passwords ... and probably sends it back.
I noticed my IE had no UserNames stored. So, I would have to re-type everything.
What is interesting is ... I did not notice it was running ... and a scan did not catch it at first.
Started getting "more" SPAM after I went thru a site asking survey questions in order to get a Free or Discounted iPad ... I know , I know ... what a mistake. :) ... I should know better.
Hope this helps,
The Tourist of Light
Posted by Ross Hamamura at 11:25 PM