************************************************************************
V I R U S R E P O R T
(by the Trend Micro US Virus Research Group)
************************************************************************
------------------------------------------------------------------------
Date: August 3, 2001 Issue Number: 08/01
------------------------------------------------------------------------
To read an HTML version of this newsletter, go to:
http://www.antivirus.com/trendsetter/virus_report/
If you're a corporate user and want to assess your virus protection,
check out Trend Micro's Virus Risk Assessment Web site at:
http://www.antivirus.com/free_tools/edoctor/
Issue Preview:
1. TREND MICRO UPDATES: Pattern File and Scan Engine Updates
2. Another VB Script Worm -- VBS_POTOK.A
3. 10 Most Prevalent In-the-Wild Malware Surveyed by Trend Micro US
4. Top Viruses Trend Micro's US Customers are Most Concerned About
5. Still Prevailing -- TROJ_SIRCAM.A & CODERED.A
6. Test Your Virus Knowledge & Scan Your Computer FREE!
NOTE: Long URLs may break into two lines in some mail readers.
Should this occur, please cut and paste the URL in your browser.
************************************************************************
1. TREND MICRO UPDATES: Pattern File and Scan Engine Updates
------------------------------------------------------------------------
PATTERN FILE: 921 http://www.antivirus.com/download/pattern.asp
SCAN ENGINE: 5.450 http://www.antivirus.com/download/engines/
2. Another VB Script Worm -- VBS_POTOK.A
------------------------------------------------------------------------
VBS_POTOK.A is a destructive mass-mailing worm that affects Windows 2000/NT
users only. It is in the wild and propagates via Microsoft Outlook by emailing
a copy of itself to the first 50 addresses listed in an infected user's address
book. A sample of the email is as follows:
Subject: New Generation of drivers.
Body: Microsoft has published new driver for all types Video Cards, compatible
with Windows 95/98/NT/2000/XP. You can read about it in attachment document. Best
wishes Microsoft.
Attachment: DRIVER.DOC.VBS
The worm may also create a new account with Administrator privileges on the
infected system, thereby compromising network security.
For more information about VBS_POTOK.A, visit Trend Micro at:
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=VBS_POTOK.A
VBS_POTOK.A is detected by Trend Micro pattern file #920.
3. 10 Most Prevalent In-The-Wild Malware Surveyed by Trend Micro US
(week of: July 23, 2001 to July 29, 2001)
------------------------------------------------------------------------
1. TROJ_SIRCAM.A
2. VBS_HAPTIME.A
3. PE_MAGISTR.A
4. TROJ_BADTRANS.A
5. JS_KAKWORM.A
6. TROJ_CHOKE.A
7. TROJ_BYMER
8. TROJ_HYBRIS.M
9. TROJ_HYBRIS.DLL
10. PE_MAGISTR.DAM
SPECIAL OFFER:
Webmasters, add free virus information updates to your Web site with our Virus
Info Feed. Simply copy and paste a small piece of code to give your visitors a
real-time top 10 list and the latest virus advisories. Setup takes approximately
10 minutes and requires no server-side code on your Web site. All content is
updated automatically from Trend Micro's Web site. http://www.antivirus.com/syndication/vinfo/default.asp?ref=nwsltr
4. Top Viruses Trend Micro's US Customers are Most Concerned About
(where systems were not infected)
------------------------------------------------------------------------
1. TROJ_SIRCAM.A
2. PE_MAGISTR.A
3. TROJ_FUNSO.A
4. TROJ_BADTRANS.A
5. PE_MAGISTR.DAM
6. PE_CIH
5. Still Prevailing -- TROJ_SIRCAM.A & CODERED.A
------------------------------------------------------------------------
TROJ_SIRCAM.A is still spreading and is listed at #2 in the Trend Micro World
Virus Tracking Center. This Trojan propagates using SMTP commands via email and
shared network drives. Trend Micro has made available, in the Trend Micro Virus
Information Center, tools and instructions to remove TROJ_SIRCAM.A in case of
infection. This Trojan is detected by Trend Micro pattern file #917. For more information
about TROJ_SIRCAM.A go to:
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=TROJ_SIRCAM.A
CODERED.A has caused a media and public stir in the past week. While this worm poses
minimal risk to most PCs, Trend Micro recommends that all users scan their PCs with HouseCall, a free online virus scanner. System administrators of Web servers using
Microsoft Windows NT 4.0 or Windows 2000 should also download the MS01-033 patch
from Microsoft's Web site. You can get more information about this worm at the Trend
Micro Web site at: http://www.antivirus.com/vinfo
Users can access HouseCall at http://housecall.antivirus.com.
6. Test Your Virus Knowledge & Scan Your Computer FREE!
------------------------------------------------------------------------
Do you think you know enough about viruses? Try our new HouseCall quiz as
you scan your computer FREE for viruses and other malicious code. At the end
of the quiz you may be lucky to get Trend Micro PC-cillin 2000 for 10%, 15% or
20% OFF!!
SCAN NOW: http://www.antivirus.com/banners/tracking.asp?si=63&bi=77&ul=http://housecall.antivirus.com
************************************************************************
You are receiving this email from Trend Micro, because you have either
downloaded a Trend Micro product or have signed up for our "Weekly Virus
Report." If you would like to change the way you receive email from
Trend Micro, please make changes in your account page at
http://www.antivirus.com/subscriptions/default.asp?email=trendmicro_pattern@netzwerk-aktiv.com
To UNSUBSCRIBE go to:
http://www.antivirus.com/subscriptions/default.asp?format=unsubscribe
For questions regarding viruses, please contact the Virus Doctor at
Virus_Doctor@trendmicro.com.
For questions regarding products, please contact Tech Support at
support@trendmicro.com.
For questions, comments and suggestions about the Weekly Virus Report
please contact our editor at Newsletters@trendmicro.com.
************************************************************************
Received on Fri, 3 Aug 2001 14:34:16 -0700
This archive was generated by hypermail 2.1.8 : Mon 29 May 2006 - 05:33:31 CEST