VIRUS HELP TEAM



     ------------------------
     Amiga Virus Encyclopedia
     ZonderKommando 1
     ------------------------
     
     
     - ZonderKommando 1 file (name traceable)
     
          Other name: Mongo09 see above
          Known file: mongo09.exe
          Directed against BBS.
          Length packed: 1708 bytes
          Unpacked length: 3368 bytes 
          No bent vectors:
          No propagation as a burglary tool.
          Looks for Snoopdo's end if yes
          Searches for ACP.STARTUP If no end
          Creates file FLT_DSQ.DMS (the hack file = data is encoded)
          VT offers delete.
      
       Extract from unpacked file:
           4eaefeda 4a806730 4cdf7fff 4e755a6f N ... J.g0L. .NuZo
           6e646572 204b6f6d 6d616e64 6f203230 or command 20
           3038202d 20546865 204e6577 2047656e 08 - The New Gen
                 ; .....
           51c8fffa 4e750000 00000000 533a4143 Q ... Nu ...... S: AC
           502e5354 41525455 50000000 00000000 P.STARTUP .......
                 ; .....
           00000000 00000000 0000434f 4e465f4c .......... CONF_L
           4f43414c 2030322d 0075706c 6f61642f OCAL 02-.upload /
           464c545f 4453512e 444d5300 75736572 FLT_DSQ.DMS.user
           2e646174 61004242 535f4c4f 43415449 .data.BBS_LOCATI
           4f4e2000 00000000 00000000 00000000 ON .............
                 ; .....
           00006262 733a636f 6e666967 30000000 ..bbs: config0 ...
                 ; .....
           00000000 00000000 536e6f6f 70446f73 ........ SnoopDos


     Original test by Heiner Schneegold
     Translated from german to english by Google translate
     
     

Virum Help Team
Denmark & Canada
Copyright © All rights reserved
www.vht.dk