[virusinfo] Re: Trend Micro Weekly Virus Report - April 29, 2005

  • From: "Mike" <mikebike@xxxxxxxxx>
  • To: virusinfo@xxxxxxxxxxxxx
  • Date: Fri, 29 Apr 2005 12:42:14 -0700

From; TREND  MICRO  WEEKLY  VIRUS  REPORT
    
(by TrendLabs Global Antivirus and Research Center) 

------------------------------------------------------------------------
Date: Friday April 29, 2005

------------------------------------------------------------------------
To read an HTML version of this newsletter, go to: 

http://trendnewsletter.rsc03.net/servlet/cc5?lgLQYCAQTVupsLIpsLxlLtmkQgLlV2VR


Issue Preview: 

1. Trend Micro Updates - Pattern File & Scan Engine Updates
2. No Peer-to-Peer - WORM_NOPIR.B (Low Risk)
3. Top 10 Most Prevalent Global Malware 
4. Roundup: April Virus Activity & Analysis
5. Spies Among Us - Read the IDC Whitepaper on the Growing Threat of Spyware

NOTE: Long URLs may break into two lines in some mail readers. 
Should this occur, please copy and paste the URL into your browser window.



1. Trend Micro Updates - Pattern File & Scan Engine Updates 
------------------------------------------------------------------------
PATTERN FILE: 2.604.00 
http://trendnewsletter.rsc03.net/servlet/cc5?lgLQYCAQTVupsLIpsLxlLtmkQgLlV2VS

SCAN ENGINE: 7.510 
http://trendnewsletter.rsc03.net/servlet/cc5?lgLQYCAQTVupsLIpsLxlLtmkQgLlV2VT
 

2. No Peer-to-Peer - WORM_NOPIR.B (Low Risk)
------------------------------------------------------------------------
WORM_NOPIR.B is a non-destructive, memory-resident worm that propagates
via peer-to-peer networks. It searches for availabe peer-to-peer 
applications and then sends copies of itself to all available or online 
users. This worm is spreading in-the-wild and infecting computers running
Windows 95, 98, ME, NT, 2000, and XP.

Upon execution, this memory-resident worm creates the folder 
%Program Files%\Restore. It then drops a copy of itself in this folder as 
VXST.EXE. It also drops a copy of itself as  
%Program Files%\Projects Visual Studio.NET\Nctrup.exe, and searches for and 
deletes files with the extensions .com and .mp3.

This worm also creates several registry entries that perform the following:
-ensure its automoatic execution at every Windows startup
-Disable registry tools
-Prevents the user from accessing the Control Panel to edit the registry

This worm does not check for memory-residency, so multiple instances of 
it may run on a computer system. 

If you would like to scan your computer for WORM_NOPIR.B or thousands of 
other worms, viruses, Trojans and malicious code, visit HouseCall, Trend 
Micro's free, online virus scanner at: 
http://trendnewsletter.rsc03.net/servlet/cc5?lgLQYCAQTVupsLIpsLxlLtmkQgLlV2VU


WORM_NOPIR.B is detected and cleaned by Trend Micro pattern file #2.591.03 
and above. 

For additional information about WORM_NOPIR.B please visit: 

http://trendnewsletter.rsc03.net/servlet/cc5?lgLQYCAQTVupsLIpsLxlLtmkQgLlV2VW


3. Top 10 Most Prevalent Global Malware 
(from April 22 to April 28, 2005)
------------------------------------------------------------------------
1. HTML_NETSKY.P
2. JAVA_BYTEVER.A
3. HKTL_BRUTFORCE.A
4. WORM_NETSKY.P
5. TSPY_SMALL.SN
6. TSPY_LINEAGE.GEN
7. SPYW_GATOR
8. SPYW_DASHBAR.300
9. SPYWARE_GATOR.D
10. TROJ_BAGLE.BH

4. Roundup: April Virus Activity & Analysis 
------------------------------------------------------------------------ 
April can now lay claim to the title of being the first month of this year 
without a virus outbreak. In addition to an alert-free month, TrendLabs
documented an astounding amount of malware -- 3,222 in the last 30 days.
Trojans 
continue to dominate, but BOT worms are holding steady.

Read the full roundup of April activity:

http://trendnewsletter.rsc03.net/servlet/cc5?lgLQYCAQTVupsLIpsLxlLtmkQgLlV2VY



5. Spies Among Us - Read the IDC Whitepaper on the Growing Threat of Spyware
------------------------------------------------------------------------
It is no secret that spyware is a growing problem, and it's not going away.
It 
threatens network security, increases cost, reduces productivity, and only 
benefits and enriches the lives of criminals. 

According to a 2004 study conducted by IDC, spyware was ranked as the
fourth 
greatest threat to network security -- ahead of spam, hackers, and
cyberterrorism. 
Increasingly, more malicious types of spyware are being installed without
users' 
consent.

This white paper will help you gain insight into the impact of spyware and 
the challenges of managing it. It discusses Trend Micro's integrated, 
multilayered security solutions that secure spyware, worms, viruses, and
other 
malicious code.

-Read the IDC Spyware White Paper:

http://trendnewsletter.rsc03.net/servlet/cc5?lgLQYCAQTVupsLIpsLxlLtmkQgLlV2VA


-Learn more about Trend Micro's anti-spyware products and services:

http://trendnewsletter.rsc03.net/servlet/cc5?lgLQYCAQTVupsLIpsLxlLtmkQgLlV2VB


To view our permission marketing policy:
    http://www.rsvp0.net
Copyright 1989-2005 Trend Micro, Inc.  All rights reserved
Trend Micro, Inc., 10101 N. De Anza Blvd., Suite 200, Cupertino, CA 95014

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member

Other related posts:

  • » [virusinfo] Re: Trend Micro Weekly Virus Report - April 29, 2005
  1. Home
  2. virusinfo
  3. Archive
  4. 04-2005