************************************************************************
V I R U S R E P O R T
(by the Trend Micro US Virus Research Group)
************************************************************************
------------------------------------------------------------------------
Date: September 28, 2001
------------------------------------------------------------------------
If you're a corporate user and want to assess your virus protection,
check out Trend Micro's Virus Risk Assessment Web site at:
http://www.antivirus.com/free_tools/edoctor/
Issue Preview:
1. TREND MICRO UPDATES: Pattern File and Scan Engine Updates
2. Not a Vote for World Peace - TROJ_VOTE.C (Medium Risk)
3. 10 Most Prevalent In-the-Wild Malware Surveyed by Trend Micro US
4. Top 10 Viruses Trend Micro's US Customers are Most Concerned About
5. Test Your Virus Knowledge & Scan Your Computer FREE!
NOTE: Long URLs may break into two lines in some mail readers.
Should this occur, please cut and paste the URL in your browser.
************************************************************************
1. TREND MICRO UPDATES: Pattern File and Scan Engine Updates
------------------------------------------------------------------------
PATTERN FILE: 947 http://www.antivirus.com/download/pattern.asp
SCAN ENGINE: 5.450 http://www.antivirus.com/download/engines/
2. Not a Vote for World Peace - TROJ_VOTE.C (Medium Risk)
------------------------------------------------------------------------
TROJ_VOTE.C, a variant of TROJ_VOTE.A and TROJ_VOTE.B, propagates
via Microsoft Outlook by sending itself to all addresses listed in an
infected user's address book. It arrives in an email with the following:
Subject: Fwd:Peace BeTween AmeriCa And IsLam !
Message Body: Hi!
iS iT A waR Against AmeriCa Or IsLam!
Let's Vote To Live in Peace!
Attachment: WTC.EXE
It creates a copy of itself in the Windows folder, and then creates and
executes the following files:
DaLaL.VBS
Mixdalal.vbs
WAIL.VBS
It searches for and overwrites all .HTML and .HTM files in an infected
user's system with a text string, and also modifies the infected user's
Internet Explorer startup page.
This Trojan has been classified as medium risk.
For additional information about TROJ_VOTE.C, please visit Trend Micro at:
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=TROJ_VOTE.C.
TROJ_VOTE.C is detected by Trend Micro pattern file #947.
3. 10 Most Prevalent In-The-Wild Malware Surveyed by Trend Micro US
(week of: September 17, 2001 to September 23, 2001)
------------------------------------------------------------------------
1. TROJ_SIRCAM.A
2. PE_MAGISTR.DAM
3. TROJ_NEWPIC.A
4. TROJ_BLKSTONE.A
5. JS_KAKWORM.A
6. TROJ_BADTRANS.A
7. PE_MARI.A
8. TROJ_CHOKE.A
9. VBS_HAPTIME.A
10. PE_MAGISTR.B
SPECIAL OFFER:
Webmasters, add free virus information updates to your Web site with our
Virus Info Feed. Simply copy and paste a small piece of code to give your visitors a real-time top 10 list and the latest virus advisories.
Setup takes approximately 10 minutes and requires no server-side code on your Web site. All content is updated automatically from Trend Micro's Web site. http://www.antivirus.com/syndication/vinfo/default.asp?ref=nwsltr
4. Top 10 Viruses Trend Micro's US Customers are Most Concerned About
(where systems were not infected)
------------------------------------------------------------------------
1. TROJ_SIRCAM.A
2. PE_MAGISTR.DAM
3. PE_MAGISTR.A
4. JS_KAKWORM.A
5. VBS_HAPTIME.A
6. TROJ_FUNSO.A
7. TROJ_CODERED.C
8. TROJ_APOST.A
9. CODERED.D
10. CODERED.C
5. Test Your Virus Knowledge & Scan Your Computer FREE!
------------------------------------------------------------------------
Do you think you know enough about viruses? Try our new HouseCall quiz as you scan your computer, FREE, for viruses and other malicious code. At the end of the quiz you may be lucky and win 10%, 15%, or even 20% OFF Trend Micro PC-cillin 2000!!
SCAN NOW: http://www.antivirus.com/banners/tracking.asp?si=63&bi=154&ul=http://housecall.antivirus.com
************************************************************************
You are receiving this email from Trend Micro, because you have either
downloaded a Trend Micro product or have signed up for our "Weekly Virus
Report." If you would like to change the way you receive email from
Trend Micro, please make changes in your account page at
http://www.antivirus.com/subscriptions/default.asp?email=trendmicro_pattern@netzwerk-aktiv.com
To UNSUBSCRIBE go to:
http://www.antivirus.com/subscriptions/default.asp?format=unsubscribe
For questions regarding viruses, please contact the Virus Doctor at
Virus_Doctor@trendmicro.com.
For questions regarding products, please contact Tech Support at
support@trendmicro.com.
For questions, comments and suggestions about the Weekly Virus Report
please contact our editor at Newsletters@trendmicro.com.
************************************************************************
************************************************************************
You are receiving this email from Trend Micro, because you have either
downloaded a Trend Micro product or have signed up for our "Weekly Virus
Report." If you would like to change the way you receive email from
Trend Micro, please make changes in your account page at
http://www.antivirus.com/subscriptions/default.asp?email=trendmicro_pattern@netzwerk-aktiv.com
To UNSUBSCRIBE go to:
http://www.antivirus.com/subscriptions/default.asp?format=unsubscribe
For questions regarding viruses, please contact the Virus Doctor at
Virus_Doctor@trendmicro.com.
For questions regarding products, please contact Tech Support at
support@trendmicro.com.
For questions, comments and suggestions about the Weekly Virus Report
please contact our editor at Newsletters@trendmicro.com.
************************************************************************
Received on Sun Sep 30 06:30:17 2001
This archive was generated by hypermail 2.1.8 : Mon 29 May 2006 - 05:33:31 CEST