Tuesday, April 5, 2011

Virus via email attachment ZIP ... bude.exe

I got a "different" kind of email from what I "thought" was DHL-USA.
It said it was tracking information for a package sent to me.
Being that I do use DHL ... I thought nothing of it.
But, it was strange that it was in a ZIP file (many business owners don't know how to handle a ZIP).
Now, the RED flag should have been ... there was an exe file inside ... bude.exe
What was interesting was that it installed itself at this path

AppData\Roaming\Ixatce\bude.exe
and was Hidden on the files Running List in Win7 PRO.

Well, I knew it was trouble when it tried to go outside my Firewall to the Internet.

Short story ... I reported the virus ... my AntiVirus on a Quick scan did not detect it!
After I reported the issue ... an Update was done ... and when I scanned, it "then" caught it.

It seems to look for User info and Passwords ... and probably sends it back.
I noticed my IE had no UserNames stored. So, I would have to re-type everything.
What is interesting is ... I did not notice it was running ... and a scan did not catch it at first.
Started getting "more" SPAM after I went thru a site asking survey questions in order to get a Free or Discounted iPad ... I know, I know ... what a mistake. :) ... I should know better.
Beware,
Hope this helps,
Ross Hamamura
The Tourist of Light
