I and another member of my gaming clan had it popup also today in the same area. i had exceptions put in and my Kaperskies caught win32.Badur.trojan this afternoon. after doinf a full disinfection of my compute window popped up with multiple damaged area for repair
rojan . Badur is a nasty infection that could corrupt your Windows operating system without much effort at all. Also referred to as Trojan . Win32 . Badur .hbyw or … Do you know what Trojan.Badur is?
Trojan.Badur is a Trojan horse. It works by employing a Steam gaming platform bot that adds people as friends and sends a shortened link, which contains a malware program disguised as a screensaver file. When opened, it creates a backdoor that allows a malicious program to enter your system. It steals your Steam login data and takes over the account. If this situation feels familiar to you, we are here to explain how Trojan.Badur works and how to remove it.
Trojan.Badur infects your system when you accept a friend request from an unknown person. After you accept this bot as a friend, a chat pop-up immediately comes up. This “person” introduces himself as a real-life friend and gives you a bit.ly link to a photo. Being wary of shortened links could literally save you a lot of trouble later on, because dealing with Steam customer support to restore any stolen items could take a long time.
When you click the shortened link, you are redirected to Google Drive, where the file, IMG_211102014_17274511.scr, is hosted. Since “&confirm=no_antivirus” is added to the Google Drive URL, you are presented with the option of running or saving the file on your computer immediately. If you click Run, the malware that hacks your Steam account will load. In this case, you should close your Steam client and remove Trojan.Badur together with any other malicious files immediately. Otherwise, if you choose to save the file on your computer, delete it along with Trojan.Badur immediately and scan your system with a malware removal program.