Spyware Warrior reports about new rogue anti spyware – The Spyware Shield The Spyware Shield uses inadequate detection scheme. This app as Ad-Purge Spyware Remover, Privacy Crusader, & Spy Reaper Downloadable from thespywareshield.com
A new variant of W32/Feebs is making the rounds. Fellow handler Bojan has spent quite some time with de-obfuscating the JavaScript and VB code, and we’re still looking at what it does besides downloading base64 encoded versions of W32/Feebs. You might want to block access to *.coconia.net *.by.ru *.kazan.bz *.t35.com *.freecoolsite.com *.nm.ru until the AV
Leap.A is a binary file compiled for Mac OS X. It arrives in an archive file, called ‘latestpics.tgz’. When the executable in the archive is opened the virus activates. First it drops an icon resource and an external hook bundle which is used for spreading through iChat. Spreading through iChat Leap.A installs a bundle to
F Secure have received a new Bagle mass-mailer. This Bagle mass-mailer first appeared on February 9th, 2006. It spreads in e-mails sometimes pretending to be an antivirus definition file from Symantec. The worm also spreads to shared folders. In addition it drops a trojan downloader. F Secure detect this new mass mailer as W32/Bagle.FM@mm. When
A new rogue anti-spyware application has surfaced as a replacement for SpyAxe/SpywareStrike. Behold: SpyFalcon! Once installed this program will issue fake taskbar alerts, which look like Windows Security alerts, stating that you are infected with various viruses and advising you to click on the icon to remove them. Once you click on the icon Spyfalcon
In January, Sdbot.ftp was the malware specimen most frequently detected by the free online antivirus solution Panda ActiveScan. In addition to this malicious code topping the ranking for the seventh month running, other notable aspects of this month’s list include the second place held by WMF Exploit and the presence of Tearec.A/W32.Blackmal.E@mm /BlackWorm virus or
On systems that are infected by Win32/[email protected], BlackWorm, W32.Blackmal.E@mm, WORM_GREW.A, W32/Nyxem-D, Email-Worm.Win32.VB.bi, the malware is intended to permanently corrupt a number of common document format files on the third day of every month. February 3, 2006 is the first time this malware is expected to permanently corrupt the content of specific document format files. The
Sunbelt and Spyware Warrior reports about new rogue anti spyware AlfaCleaner. AlfaCleaner is a variant of the Anti Virus Pro, Winhound Spyware Remover, & XSRemover Downloadable from alfacleaner.com, innovagest2000.com We recommend to blocking specific domains and IP address: x-stories.org – 69.50.187.19 zlex.org – 85.255.115.227, 85.255.116.213, 85.255.117.51 Noi.themovie.com that calls the x-stories.org – 69.50.187.19 Cleanchan.net –
ICQCHK Trojan is installed by VideoCodec3_05b.exe to help you play “funny” movies. Now the Trojan’s web sites are closed. Related files in the %SysDir% folder (usually c:\ Windows\System32): kaboom.dll iewatch.exe A0003016.exe VideoCodec3_05b.exe sysmon.exe msx.dll gtrack.dll ietool[1].exe ietool[2].exe ietool[3].exe Removal Instructions Download special software: RegRun Reanimator Unzip it to any folder on your hard drive. *
The destructive deadline of the Nyxem.E worm is based on the clock of the infected machine. So if you’re infected and your clock is not set right, things could start to happen at any time – even though the official activation time is the 3rd of the month. F secure have already received first reports
