From; Panda; Oxygen3: "As is a tale, so is life: not how long it is, but how good it is, is what matters." Lucius Annaeus Seneca (2 BC - 65 AD); Roman philosopher. - Top Ten viruses most frequently detected by Panda ActiveScan in February - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, March 4, 2005 - According to the data gathered by Panda ActiveScan, the free online antivirus solution, in February, Downloader.GK was the malicious code responsible for most attacks on users' computers for the ninth month running. It is also worth noting the prominence of the Downloader family -with four of the top ten places- and the dominance of Trojans in general. Over the past month, Downloader.GK has caused just over 4.5 percent of incidents, a significant drop with respect to the figure in January, which was around 8.5 percent. Close up in second place came Mhtredir.gen (4.03%), a generic detection for a family of Trojans, followed by the Shinwow.E Trojan (3.48%), and the only two worms that appear in the ranking: Netsky.P (3.27%) and Sdbot.ftp (3.04%). The remaining five places in the Panda ActiveScan Top Ten for February are occupied by the Trojans Zpachast.D, Downloader.LP, Downloader.ALQ, Qhost.gen and WmvDownloader.A-, with frequency ratings ranging from 1.52 to 2.17 percent. The following points stand out from the data collected by Panda ActiveScan in February: - Strong presence of the Downloader family of Trojans. The GK variant of Downloader tops the February ranking, which also includes three other members of the same family. This prominence could be largely due to the numerous malicious actions that Downloader Trojans can take, such as downloading other malware (adware, spyware, etc.) onto compromised systems, making them especially useful for their creators who are therefore busy generating new variants. In fact, this month's ranking includes two relatively new variants: WmvDownloader.A and Downloader.ALQ, which first appeared in mid-January and early February respectively. - Trojan dominance. Eight of the ten malicious code in the ranking are Trojans, as opposed to six in January. This shows a continuation of the trend that started in June 2004, when Trojans began to take over from worms as the most frequently detected infectors. The overriding presence of Trojans in the Panda ActiveScan Top Ten reflects the intense activity of cyber-crooks, seeking financial gain by exploiting the fact that Trojans can be used to steal confidential data which can then be used fraudulently. - Additional threats. As was the case in January, several of the most prominent Trojans in February download and run other types of malware, such as spyware, on users' computers. The main consequence of spyware on PCs is the gathering of information, including confidential details. If these effects are cause for concern in home computers, in corporate environments they can result in serious financial losses, given the time taken by IT staff to resolve the problem and regain control of the system and the loss of productivity of employees trying to work their way through the annoying distractions that these programs create (redirecting websites, pop-ups, etc). More serious still, the theft of confidential information, including passwords, means that administrators need to keep a constant watch over each and every computer to prevent this kind of attack. To help as many users as possible keep their systems virus free, Panda Software offers Panda ActiveScan, which now also detects spyware, free of charge at http://www.pandasoftware.com. Webmasters who would like to include ActiveScan on their websites can get the HTML code, free of charges, at http://www.pandasoftware.com/partners/webmasters. Panda Software also offers users Virus Alerts, an e-bulletin in English and Spanish that gives immediate warning of the emergence of potentially dangerous malicious code. To receive Virus Alerts just visit Panda Software's website (http://www.pandasoftware.com) and complete the corresponding form in the Virus Alerts section. For more information about these and other malicious code, visit Panda Software's Virus Encyclopedia at: http://www.pandasoftware.com/virus_info/encyclopedia. NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL. ------------------------------------------------------------ The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1) Netsky.P; 2) Mhtredir.gen; 3) Downloader.GK; 4) IEstart.D; 5) Shinwow.E. ------------------------------------------------------------ To contact with Panda Software, please visit: http://www.pandasoftware.com/about/contact/ ------------------------------------------------------------ *********** MIKE"S REPLY SEPARATOR *********** Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe> A Technical Support Alliance and OWTA Charter Member