Click your ruby slippers together 3 times and repeat "There's no place like home, there's no place like home, there's no place like home..." If you came to this page directly, click the icon at the left to be taken to our Home Page

 
Virus News   

 


 


High Quality Lossless Music
Music Downloads

 

December 2006

Select the links for detailed information and removal tools for the latest viruses

For a Superior AntiVirus/Internet Security solution
Use AVG. Read about it here


W32.Mixor.Q 12/29/2006 2
W32.Spybot.AMTE 12/22/2006 2
W32.Stration.EL 12/15/2006 2
W32.Sagevo 12/13/2006 2
W32.Mixor.K 12/04/2006 2
W32.Medbot.A 12/03/2006 2





W32.Medbot.A
Discovered December 3, 2006
Systems Affected: All Windows32 Systems

W32.Medbot.A is a worm that opens a back door on the compromised computer and works as a relay proxy. It may also spread through network shares and download remote files.

Payload: Opens a back door, downloads remote files and functions as a relay proxy.
Large Scale E-mailing: Sends spam emails.
Distribution Level: Medium
Subject of Email: Varies
Shared Drives: Copies itself to shared network drives

Read the full Symantec report here

W32.Mixor.K@mm
Discovered December 4, 2006
Systems Affected: All Windows32 Systems

W32.Mixor.K@mm is a mass-mailing worm that drops additional malware on the compromised computer.

Damage Level: Medium
Distribution Level: High

Read the full Symantec report here

W32.Sagevo
Discovered December 13, 2006
Systems Affected: All Windows32 Systems

W32.Sagevo is a worm that spreads by exploiting the Symantec Client Security and Symantec AntiVirus Elevation of Privilege (as described in Symantec Advisory SYM06-010) and lowers security settings.

Payload: Exploits remote vulnerabilities
Compromises Security Settings: Lowers security settings.
Distribution Level: Medium

Read the full Symantec report here

W32.Stration.EL@mm
Discovered December 15, 2006
Systems Affected: All Windows32 Systems

W32.Stration.EL@mm is a worm that spreads by emailing itself to other computers. It also drops and downloads other variants in the W32.Stration@mm family of worms.

Payload: Sends copies of itself out in emails.
Large Scale E-mailing: Sends copies of itself out in emails.
Compromises Security Settings: Ends processes and services which may be security-related.
Distribution Level: High
Subject of Email: Varies
Name of Attachment: Varies
Ports: TCP Ports 25 and 80.

Read the full Symantec report here

W32.Spybot.AMTE
Discovered December 22, 2006
Systems Affected: All Windows32 Systems

W32.Spybot.AMTE is a worm that spreads through mIRC and to network shares protected by weak passwords. It also spreads by exploiting some vulnerabilities.

Payload: Spreads through mIRC and to network shares protected by weak passwords.
Modifies Files: Modifies files in order to compromise their functionality.
Distribution Level: High
Ports: TCP port 2007 and 666

Read the full Symantec report here

W32.Mixor.Q@mm
Discovered December 29, 2006
Systems Affected: All Windows32 Systems

W32.Mixor.Q@mm is a mass-mailing worm that drops additional malware on to the compromised computer.

Payload: Drops additional malware on to the compromised computer.
Compromises Security Settings: Ends security-related processes.
Distribution Level: High
Subject of Email: Happy New Year!
Name of Attachment: postcard.exe

Read the full Symantec report here


   
     
© Copyright 1999 - 2006 The Computer Wizard