The Infector 1.3

The Infector (1.3)
Server name: The Infector 1.3
Version: 1.3
Different versions: [1.0][1.3][1.4][1.4.2][1.6][1.6.3][1.7][1.7 version 2][17 bonus]
Tested: Yes, on Windows 95 and Windows NT
Server size: 292K
Server files: server.exe
Server icon:

Infects: Windows 95/98/ME
Autloads: System.ini: shell=Explorer.exe c:\where ever the trojan is.exe under [boot]
Default port: 146 TCP and UDP
Can port be changed: No

Server Features

ICQ notify
Remove server
Run file
Upload file

Comments
The Infector 1.3 is an upload trojan. Being an upload trojan means this trojan is sent to infect the victim. Once infected, this trojan is used to upload other trojans (such as SubSeven) and infect the victim with these other trojans. In this version, of The Infector, The Infector 1.3 added an edit server program. This program allows the ICQ UIN to receive notification when the server is online to be configured before The Infector is sent out.

Note: This is a trojan that can be submitted to us for analysis. We can possibly determine for you the password that was used and the ICQ UIN that was being notified. For more information on submitting trojan files to us read here.

How To Remove
Quick fix: no quick fix programs
Manual removal:

Remember the file name after the shell=Explorer.exe under [boot] in the system.ini. Then change the shell=Explorer.exe c:\where the trojan is.exe to shell=Explorer.exe in the system.ini under [boot]. Which can be done with any other text editing program.
Reboot the computer or close the trojan file.
Delete the trojan file.

Related
Article: General removal info
Section: Test your knowledge, take our Trojan Quiz
Service: Trojan removal
Service: Tell a friend about this trojan
Service: Print this page

Copyright © 2000 and 2001, Dark Eclipse Software. All rights reserved.
This page may not be redistributed or reproduced in any manner without specific written permission from Dark Eclipse Software. If permission to use this page is desired then contact Dark Eclipse Software. While we consider the content of this page to be accurate, we cannot guarantee either the accuracy or the appropriateness of any portion of the page, including our analysis and manual removal.
Any actions taken by a reader in response to this or any other Dark Eclipse Software page are completely and solely their responsibility.