-=PCTechTalk=- Trend Micro Medium Risk Virus Alert - WORM_WURMARK.J

• From: "David F. Wooledge" <wooledge001@xxxxxxxx>
• To: "@freelistts PCTechTalk" <pctechtalk@xxxxxxxxxxxxx>
• Date: Thu, 12 May 2005 01:15:34 -0700 (PDT)

Trend Micro Newsletters Editor <editor@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:Date: 
Wed, 11 May 2005 07:37:33 -0700
From: "Trend Micro Newsletters Editor" <editor@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: Trend Micro Medium Risk Virus Alert - WORM_WURMARK.J
To: wooledge001@xxxxxxxxxxx

Dear Trend Micro customer,

As of May 11, 2005 4:30 AM (Pacific Daylight Time/GMT -8:00), TrendLabs has 
declared a Medium Risk Virus Alert to control the spread of WORM_WURMARK.J. 
TrendLabs has received several infection reports indicating that this malware 
is spreading in France, India, Taiwan, and Singapore.

This memory-resident worm propagates via email messages. Upon execution, it 
drops a copy of itself in the Windows system folder using a random file name.

It also drops a randomly named (Dynamic Link Library) DLL file in the Windows 
system folder, which is a component of IESpy, a spyware program. 

This worm has a keylogging capability. It saves the logs typed by the user in a 
dropped random DLL file. 

It drops several .ZIP files in the Windows system folder as email attachment.

This worm propagates by sending a copy of itself via email. The email message 
contains the following details:

Subject: (any of the following)
-details 
-girls 
-image 
-love
-message
-music
-news 
-photo 
-pic 
-readme
-resume 
-screensaver
-song
-video 

Attachment: (any of the following file names)
-details.zip
-girls.zip 
-image.zip 
-love.zip
-message.zip
-music.zip
-news.zip 
-photo.zip 
-pic.zip 
-readme.zip
-resume.zip 
-screensaver.zip
-song.zip
-video.zip 

TrendLabs will be releasing the following EPS deliverables:

TMCM Outbreak Prevention Policy - 174 (uploaded)
Official Pattern Release - 2.625.00
Damage Cleanup Template - 596

For more information on WORM_WURMARK.J, you can visit our Web site at:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_WURMARK.J

You can modify subscription settings for Trend Micro newsletters at:
http://www.trendmicro.com/subscriptions/default.asp

----------------------------------------------o0o----
IMPORTANT NOTE!
TrendLabs will also be releasing a corresponding 3-digit pattern file (995) to 
the pattern indicated in this email. This 3-digit pattern is a special release 
for users running non-NPF compliant products (i.e., old 3-digit pattern format) 
and is designed to provide protection against the most current malware threats. 
Users running non-NPF compliant products are still urged to apply the NPF 
solution at http://www.trendmicro.com/en/support/npf/overview.htm. These users 
may also upgrade to the latest product version. Only NPF-compliant products 
will be able to update with regular pattern releases. 

______________________________________________________________________
This message was sent by Trend Micro's Newsletters Editor using Responsys 
Interact (TM).

To unsubscribe from Trend Micro's Newsletters Editor:
http://trendnewsletter.rsc03.net/servlet/optout?mgLDYCCDUEPhhsLKnLTTUFIpnMhhmDJhtE0

To update your subscription preference, or to change your email address:

http://trendnewsletter.rsc03.net/servlet/website/PersonalizedForm?mgLEwkLMLkLgJL9LgmLk.40hktELtHpsEPhhsLKnLTTUFIpnMhhmDJhtEhE3vyf_31yf7yd_c_z18z


To view our permission marketing policy:
http://www.rsvp0.net
Copyright 1989-2005 Trend Micro, Inc. All rights reserved
Trend Micro, Inc., 10101 N. De Anza Blvd., Suite 200, Cupertino, CA 95014





David F Wooledge
Mental Health Advocate
237 Goodrich Street 
Erie PA 16508-1818 
814-459-0741 
814-217-1920 
717-441-4910 (DBSA PA)
717-441-4911 (Laptop Soft Phone)
814-602-0510 (cell) 
814-217-1936 (fax) 
814-456-6593 (fax MHA of NP) 
wooledge001@xxxxxxxx 
dwooledge@xxxxxxxx
http://www.vtext.com/users/8146020510
http://www.geocities.com/wooledge001_/
http://www.mental-health-advocate.us 






--
<Please delete this line and everything below.>

To unsub or change your email settings:
//www.freelists.org/webpage/pctechtalk

To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
//www.freelists.org/archives/pctechtalk/

Other related posts:

• » -=PCTechTalk=- Trend Micro Medium Risk Virus Alert - WORM_WURMARK.J

1. Home
2. pctechtalk
3. Archive
4. 05-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---