New Trojan Makes Computers Talk While Wiping out the Hard Drive

New Trojan Makes Computers Talk While Wiping out the Hard Drive

If your computer starts talking to you and tells you that you are infected and your files have been deleted, it’s no joke, you have just been infected by the BotVoice.A Trojan.

This new malicious code detected by PandaLabs last week uses the Windows text reader to play the following sentences:

“You have been infected I repeat you have been infected and your system files have been deleted. Sorry. Have a nice day and bye bye.”

These comments are repeated over and over again while the Trojan tries to delete the entire content of the computer’s hard disk. Sometimes, BotVoice.A might not manage to delete all of the system files. However, this doesn’t prevent it from rendering computers unusable as it modifies the Windows registry so that none of the programs installed on the computer nor the task manager can be run. It also disables the Windows registry editor in order to safeguard its malicious actions.

“This is a very unique Trojan. Not only does it delete computer files, but also makes fun of users. Meanwhile, it does everything necessary to make it impossible to stop its actions,” explains Luis Corrons, Technical Director of PandaLabs.

This Trojan uses the usual means of propagation: P2P networks, physical storage devices, such as USB memory sticks, floppy disks or CD-ROMs, and downloads performed by other malware or from malicious web pages, etc.

In cases of a new and previously unknown Trojan like BotVoice.A, the infection will not be prevented by traditional antivirus software which relies primarily on signature files of known malware.

“Current users of Panda software with TruPrevent Technology were not infected by this Trojan last week. TruPrevent is an advanced technology that incorporates behavior analysis which can detect malicious code that was previously unknown and not included in even the most updated malware signature files,” said Ryan Sherstobitoff, Product Technology Officer, Panda Software USA.

More information about this and other threats is available in Panda Software’s Encyclopedia at http://www.pandasoftware.com/virus_info/encyclopedia/

If you want to know whether this or any other malicious code has infected your computer, you can use Panda Software’s online tools, available at http://www.infectedornot.com

About PandaLabs

Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients safe. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPrevent(R) Technologies, which act as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av.Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users. More information at http://www.pandasoftware.es/pandalabs.asp/ and the PandaLabs blog (http://blogs.pandasoftware.com).

For more information: http://www.pandasoftware.com/virus_info