[news articles]
virus warnings
|
30th July, 2010 W32.Yimfoca!gen3 Extract not available. read more » |
|
30th July, 2010 Rootkit:W32/Small.LA Small.LA is distributed from the website checkraised.com embedded in a Rakeback calculator application (RBCalc.exe). The main screen of the calculator program looks like: Installation When the trojan application RBCalc.exe is executed, it silently drops read more » |
|
29th July, 2010 Worm:W32/PDF This is the first worm to use Adobe Acrobat PDF format as a platform. However, it only works under the full 'developer' version of Acrobat. The common Acrobat Reader program is not affected by this worm. The worm operates as a VBS script embedded within read more » |
|
29th July, 2010 Worm:W32/Benjamin The Benjamin worm uses KaZaa Peer-To-Peer (P2P) network to spread. The KaZaa network allows its participants to exchange files with each other, using the special client software. The worm opens benjamin.xww.de Web-site to view an advertisement. The worm read more » |
|
29th July, 2010 Email-Worm:W32/Vote.D terrorist attacks and appears to be trying to remind and/or frighten users with the tragedy. Propagation The e-mail messages sent by Vote.D have the following characteristics: • Subject: WORLD TRADE CENTER PICTURES • Body: Remember The read more » |
|
29th July, 2010 Email-Worm:W32/Vote.B A more recent variant, Vote.C, combines features of Vote.A and Vote.B. Vote.C is functionally identical to Vote.B, but is propagated via e-mail messages identical to those used to distribute Vote.A. Propagation Vote.B propagates in e-mail messages that read more » |
|
29th July, 2010 Email-Worm:W32/Vote Apparently this simple virus is written by a teenager. The original Vote was found on the 24th of September, 2001 - 13 days after the WTC tragedy. Binary part The worm uses standard Windows Mail API to access the user's address book. This affects users read more » |
|
29th July, 2010 Net-Worm:W32/Deloder A worm that replicates by sending complete, independent copies of itself over a network. Additional Details Deloder is a network worm infecting Windows machines which have set a weak password to the Administrator account. It also installs remote access read more » |
|
29th July, 2010 Net-Worm:W32/Allaple.A A type of worm that replicates by sending complete, independent copies of itself over a network. Disinfection Allow F-Secure Anti-Virus to disinfect the relevant files. For more general information on disinfection, please see Removal Instructions. read more » |
|
29th July, 2010 Exploit:HTML/Iframe.FileDownload This vulnerability allows a malicious HTML document, such as e-mail messages, to automatically execute when the document is viewed using Internet Explorer. It also effects e-mail clients that use Internet Explorer to view HTML formatted e-mail messages, read more » |
|
29th July, 2010 Net-Worm:W32/Nimda.E 1. The worm uses COOL.DLL name to upload itself to webservers 2. The worm uses HTTPODBC.DLL name to start from on servers 3. The worm uses CSRSS.EXE name to copy itself to servers This version of Nimda has few serious bugs that allow it to infect files read more » |
|
29th July, 2010 Net-Worm:W32/Nimda.C F-Secure Anti-Virus detects this variant with updates released on October 11, 2001 / 16:26:32 GMT. At that time F-Secure had yet to receive any report of affected users. read more » |
|
27th July, 2010 Email-Worm:W32/NetSky.P Extract not available. read more » |
|
27th July, 2010 Email-Worm:W32/VB.BI A worm that spreads via e-mail, usually in infected executable e-mail file attachments. Disinfection Special Disinfection Tool F-Secure Corporation provides a special disinfection utility to clean VB.bi infection from a computer. This disinfection read more » |
|
27th July, 2010 Worm:Linux/Slapper Slapper is a network worm that spreads on Linux machines by using a flaw discovered in August 2002 in OpenSSL libraries. The worm was found in Eastern Europe late on Friday September 13th 2002. The worm works on Intel-based machines running Linux read more » |
|
27th July, 2010 Backdoor:W32/Bugbear.K To remove the Bugbear worm from a system, it's enough to delete all its files from a hard drive and to restart a computer. If the worm is in a network environment, the network should be temporarily taken down and all systems have to be disinfected read more » |
|
27th July, 2010 Bloodhound.Exploit.346 Extract not available. read more » |
|
27th July, 2010 Sophos appoints Nick Bray as CFO IT security and data protection firm Sophos announced the appointment of Nick Bray to the role of chief financial officer. Bray is joining Sophos from Micro Focus plc (Global $1.70bn FSTE 200 Company), where he has been their Group CFO for the past four read more » |
|
27th July, 2010 PE_SALITY.LNK-O Extract not available. read more » |
|
27th July, 2010 TROJ_ZBOT.BXW Extract not available. read more » |