Proland Software  Download Now!

Home
Antivirus products
Download Antivirus Software
Order On-line
Support
Email
Protector Plus Antivirus Software for
Antivirus Software for Windows XP and 2000
Antivirus Software for Windows Vista
Antivirus Software for Windows Me and 98
Antivirus Software for Exchange
Antivirus Software for NetWare
Protector Plus Console
Buy Antivirus software now!


SpamChoke Antispam
Software

Subscribe to Virus Alert
Mailing List

Enter your Email
 (Ex : john@company.com)






Download Anti virus software

Win32/Badtrans.B Worm

Blueball Information about the Win32/Badtrans.B worm:

Badtrans.B is a mass mailing email worm. This a variant of Badtrans.A worm. This worm will infect Windows systems. Badtrans.B spreads through MS-Outlook or Outlook Express.

Click here to download the FREE utility (CleanBT.EXE) to detect and remove the Win32/Badtrans.B worm from your computer.

The email generated by the worm could have the subject as a response to an earlier mail sent from the system, with the Re: prefix. Sometimes, it is also know to have just Re: in the subject. The infected mail carries an attachment, which is in a compressed format with any one of the following names:

Sorry_about_yesterday.DOC.pif
news_doc.scr
fun.pif
Pics.ZIP.scr
images.pif
README.TXT.pif
Humor.TXT.pif
New_Napster_Site.DOC.scr
hamster.ZIP.scr
s3msong.MP3.pif
YOU_are_FAT!.TXT.pif
searchURL.scr
SETUP.pif
Card.pif
Me_nude.AVI.pif
docs.scr

When the infected attachment is executed, it checks if the process KERNEL32.EXE, is running. If the Worm finds this process running, it terminates the process and copies itself to the WINDOWS\SYSTEM directory as KERNEL32.EXE. It then goes on to collect RAS information of the system and stores it as a file, CP_25389.NLS, in an encrypted format. It copies a trojan file called KDLL.DLL, which collects passwords and details of the programs running.

A registry key is created;

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\kernel32

Email addresses from .HTM, .HTML and .ASP files are collected as well and Badtrans emails itself to those addresses.

Blueball Other names of Win32/Badtrans.B worm:

The worm is also known as W32.Badtrans.B, IWorm_Badtrans, TROJ_BADTRANS.B.

Blueball Removing Win32/Badtrans.B worm from your computer:

You can remove this worm from your computer by using Protector Plus antivirus software.

Download Now

Download the FREE Evaluation copy of Protector Plus antivirus software


You can also use the CleanBT.EXE program that is made specially to detect and remove the Win32/Badtrans.B worm.

Blueball About Protector Plus Antivirus Software Packages:

Proland Software is the developer of Protector Plus range of antivirus software packages. Protector Plus is available for Windows Vista, Windows 95/98/Me, Windows XP, Windows NT/2000/2003 servers and workstations, MS-Exchange 2000/2003, MS-DOS and NetWare servers.

SpamChoke Antispam Software

New:
SpamChoke Antispam Software
Download Now!

Protector Plus range of antivirus products offer on-line virus detection and removal. All the packages have the ability to detect and isolate all types of viruses, trojans, worms and other types of malware. Protector Plus antivirus software can detect and remove Win32/Badtrans.B worm reliably.

These products are updated on a continuous basis and the latest upgrades for all the platforms are made available for downloading from this site.

Click here to order
Protector Plus Antivirus software 

 Buy Antivirus software now!


You can download the 30 day evaluation copy of the
antivirus software free of cost for these platforms:
Antivirus Software for Windows XP and 2000 Antivirus Software for Windows Me and 98 Antivirus Software for Exchange Antivirus Software for NetWare


HomeAntivirus productsDownload Antivirus SoftwareOrder On-lineEmail

Copyright © 2007 Proland Sofrware. All rights reserved.


Download Anti virus software