Trojan-Banker.Win9x.Melder

Class Trojan-Banker
Platform Win9x
Description

Technical Details

Melder is a harmless nonmemory resident parasitic Win32 virus. The virus itself is a Windows PE EXE file, written in Delphi. The virus size is about 46KB.

The Melder virus infects .EXE files in the Kazaa file sharing network download directory. In case Kazaa is not installed, the virus fails to infect the computer. While infecting the virus writes itself to the beginning of the file (the original file body is moved down before infecting).

The virus also copies itself to two files in the Windows directory and the Temp subdirectory:

 in Windows directory:        Melda.Scr
 in WindowsTemp directory:   KaynakDosya.exe

The virus contains the text string:

 This Is A Infected File
 Infecting Kazaa Files...