Announcement

Collapse
No announcement yet.

new virus?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • new virus?

    Has any 1 heard of any new viruses that take control of your keyboard and mouse?? i've have had problems now for about a month with this??? i've done a avg virus scan but nothing comes up???? plz help or reply
    Please Direct me 2 the Nearest Padded Room

  • #2
    my pc is full of virusses, but i dont have this one, im so sorry
    [BiA]Masterz0r

    Comment


    • #3
      Weekly virus report




      10/24/2003. This week's report on malicious code will focus on three worms -Lohack.C, Flop.A and Sexer.A-, a Trojan called Sdbot.N and the virus Vix.A.

      Lohack.C spreads via e-mail and across network drives. The message carrying this worm tries to trick users by referring to the Spanish Information Society and E-business Services law. It also spoofs the sender's address, so that it seems to have been sent from the Spanish Ministry of Science and Technology or Panda Antivirus.

      Lohack.C automatically activates when the message carrying the worm is viewed through the Preview Pane in Outlook. It does this by exploiting a vulnerability -known as Exploit/Iframe- that affects versions 5.01 and 5.5 of Internet Explorer and allows e-mail attachments to run automatically. Finally, one of the effects of Lohack.C is that it moves the mouse pointer around the screen.

      Today's second worm is Flop.A, which spreads by copying itself to all the floppy disks used on the affected computer, provided that they are not write-protected. When this malicious code is run, it displays a message in Spanish describing how to enlarge the male member. The file carrying Flop.A has the same icon as Word documents.

      Sexer.A is a worm that spreads via e-mail in a message written in Cyrillic characters and includes an attachment called WIN2DRV.EXE. When Sexer.A has infected a computer, it sends a copy of itself to all the contacts it finds in the Windows address book and changes the Windows wallpaper for a text with Cyrillic characters.

      The fourth malicious code in today's report is a Trojan called Sdbot.N. This Trojan has been mass mailed in a message with the subject: "Microsoft Security Update" and an attachment called MS03-047.EXE. The message text also tries to trick the user into believing that the message has been sent by Microsoft. However, when the attached file is run, Sdbot.N goes memory resident and connects to an IRC channel. This channel sends the Trojan remote control commands in order to carry out the following actions, among others: scan ports, download and run files, launch Denial of Service (DoS) attacks, etc.

      Finally, Vix.A is a virus with worm characteristics that infects PE files and spreads via the P2P (peer-to-peer) file sharing programs KaZaA, iMesh and Shareaza. A file that has been infected by this virus cannot be disinfected and will therefore be rendered unusable.
      Pure (Sweden) Biggest nOOb ever....Free Birth

      Comment


      • #4
        I have a sort of virus its called ET....it makes me sitting up day and night playing this...even if i try to move away from it...my brain only tell me...just another hour...

        M8ts what should i do should i format the B:rain or just get me a real life
        Last edited by [BiA] Eaglefire; 10-29-2003, 12:53 AM.



        "We happy few, we band of brothers - for he today that sheds his blood with me - shall be my brother"
        - William Shakespear, King Henry V

        Comment


        • #5
          Defend the Objective!

          Comment


          • #6
            sheeesh spam shows up everywhere even in seriuos subjects
            Please Direct me 2 the Nearest Padded Room

            Comment


            • #7
              LOL, Eaglefire

              Greetz Joakim!
              Ownage!

              Comment


              • #8
                10/31/2003. Bugbear.B heads the ranking of malicious code that have caused the highest number of attacks in October

                According to the data gathered by Panda ActiveScan, Panda Software’s free online scanner, Bugbear.B once again heads the monthly list of the most virulent malicious code.
                In September, this worm was responsible for just over five percent of infections detected by ActiveScan. In October however, it was responsible for over two percent more. This increase can no doubt be explained by its capacity to mass-mail itself and to exploit a vulnerability in Internet Explorer to run automatically.

                Bugbear.B is closely followed by Gibe.C, which was also the culprit in just over seven percent of incidents. This worm spreads via e-mail in a message which perfectly imitates the design of a Microsoft website to trick users into thinking that the attachment is a security patch.

                In third place is the Blaster worm, which was responsible for just under six percent of infections. The fact that this worm spreads directly via the Internet and exploits the RPC DCOM vulnerability in Windows allows it to continue infecting unprotected computers.

                Parite.B takes fourth place, having caused just over five percent of incidents. This virus spreads through the means normally used by viruses: CD-ROMs, Internet downloads, e-mail, etc. as well as across local networks.

                In fifth and sixth place are Klez.I, with over four and a half percent, and PSW.Bugbear.B, with over three and a half percent.

                Two variants of the Blaster worm, Blaster.E and Blaster.C, come in sixth and seventh place, with over three percent of incidents each. Finally, at the bottom end of the ranking are Nachi.A and EnerKaz with over two and half percent of infections each.

                From the data collected by Panda Software’s free online antivirus last month, it can be concluded that many computer users still haven’t applied the security patches released by Microsoft. Eight of the Top Ten malicious code spread by exploiting security flaws in the software installed on computers. In fact, the first virus in the ranking that does not rely on the fact that users have not applied security patches in order to spread is Parite.B in fourth place and the second, Enerkaz, is in tenth place.


                The worm Mimail.C is still spreading and a new variant has appeared: Mimail.D




                11/01/2003. In the last hours, the e-mail worm Mimail.C is still spreading all over the world. However, it is not an epidemic right now. It has been affecting users from Spain, Uruguay, Chile, Bolivia and Venezuela (more information on http://www.pandasoftware.com). As the virus is capable of launch DoS (Denial of Service) attacks against web servers, it is possible that it activity will be increased at the beginning of the week. So, Panda Software recommends users to pay attention to this worm.

                A new variant has appeared a few hours ago: Mimail.D. The behaviour of this new worm is very similar to the first variant W32/Mimail. It spreads via e-mail in a message with the following characteristics:

                Sender:
                admin@%domain%
                %domain% is the domain of the user’s e-mail address.
                Subject:
                Your account xxxxxxx
                xxxxxxx is a group of random lower-case letters.
                Message:
                Hello there,
                I would like to inform you about important information regarding your email address. This email address will be expiring.
                Please read attachment for details.
                ---
                Best regards, Administrator
                xxxxxxxx
                Attachments:
                message.zip
                In addition, the message includes the high priority flag.
                Mimail.D searches for e-mail addresses, in order to send out a copy of itself using its own SMTP engine:

                Due to the incidents received with Mimail.C and the possibility of an increase in the number of infections caused for this or the new variant, Panda Software advises users to be extremely careful with e-mail messages received and to update their antivirus solutions immediately.

                Panda Software has already released the updates, which ensure their antivirus solutions detect and eliminate Mimail.C and Mimail.D. Users can also detect this and other malicious code using the free, online antivirus, Panda ActiveScan, which is available on the company’s website at www.pandasoftware.com.

                For more information about Mimail.C and Mimail.D, visit Panda Software’s Virus Encyclopedia at the following address: http://www.pandasoftware.com/virus_info/encyclopedia.

                Panda Software offers users the free removal utility for Sober.A


                10/30/2003. Panda Software has made its PQREMOVE utility available to any users who need to remove this dangerous new worm from their computers


                Given the increase in incidents received by PandaLabs involving the Sober.A worm, Panda Software has made its PQREMOVE application available to all users to repair any possible damage caused to computers by this malicious code. This utility can be downloaded free of charge by anyone who needs it, from: http://www.pandasoftware.com/download/utilities/

                As Panda Software has previously reported, Sober.A is a worm that spreads via e-mail with highly variable subjects and message texts in English or German. The message also includes an attachment which, if run, causes a false error message to appear.

                Sober.A sends itself to all the addresses it finds in a number of files on the computer, using its own SMTP engine. It stores all the addresses it finds in the file %sysdir%\MACROMED\HELP\MEDIA.DLL.

                One of the main dangers of Sober.A is that it leaves two resident copies of itself running continually. If a user terminates one of the processes, or deletes one of these copies, the other will start it up or create it again.

                To prevent possible infections, Panda Software advises users to treat all e-mails received with caution, and to update their antivirus solutions if they haven’t already done so. The company has already made the updates to its products available to users to ensure their solutions can detect and eliminate Sober.A. Those whose software is not configured to update automatically, should update their solutions from http://www.pandasoftware.com/. Users can also scan their computers using the free, online antivirus, Panda ActiveScan, which is available on the company’s website at http://www.pandasoftware.com.

                Detailed information about Sober.A is available from Panda Software’s Virus Encyclopedia.
                Pure (Sweden) Biggest nOOb ever....Free Birth

                Comment

                Working...
                X