Jump to content



2024 Annual Membership Fees

More MSN Viruses

Cunny78

By Cunny78
in Non-League / Off Topic

 Share

Recommended Posts

Cunny78

Cunny78

Posted
Posted

Got this email this morning, I know alot of people use MSN, so I thought i'd post it up thumbs_up.gif

 

Madrid, February 25, 2005 - This week's report on viruses and intruders will

focus on four worms - the A and B variants of Stang, Assiral.A and Sober.M-.

 

Stang.A and Stang.B spread through MSN Messenger in messages containing

texts like 'Look At This Hot Naked Girl' and an attached file with names

like 'Hey look at my moms dildo!!.pif'. If this file is run, these worms

send themselves out to all of the contacts in this instant messaging

application and turn off the security programs that could be installed on

the computer, such as the Windows personal firewall.

 

What's more, Stang.A and Stang.B block the Task Manager and Registry Editor

in this operating system. They also try to end the SVCHOST.EXE and LSASS.EXE

processes, which could cause the computer to automatically shut down.

 

The third worm in today's report is Assiral.A, which spreads via email in a

message with the text 'Re: LOV YA !' in the subject and an attached file

called 'LOVE_LETTER.TXT.EXE'. When this file is run, the computer will be

infected by Assiral.A, which will then look for email addresses to send

itself to.

 

Assiral.A carries out many different actions on the computer it infects,

including the following:

 

- Prevent access to the Windows Registry Editor.

 

- Hide the Run option in the Start menu.

 

- Disable the command-line.

 

- Modify the home page in Internet Explorer.

 

- Try to end the processes belonging to different antivirus and firewall

applications.

 

- When it is run, it displays a message on screen which announces its

mission to rid the Internet of the actions of the Bropia worms.

 

We are going to finish this week's report with Sober.M, a worm that spreads

via email in a message that can be written in English or German. If the mail

domain ends in de, ch, at or li, both the subject and message will be

written in German.

 

After infecting a computer, Sober.M opens Notepad and displays a text and

then an error message.

 

For further information about these and other computer threats, visit Panda

Software's Encyclopedia:

http://www.pandasoftware.com/virus_info/encyclopedia/

 

Additional information

 

- LSASS.EXE: a process corresponding to local security and user

authentication policies. If this process is closed, a countdown message is

displayed and then the computer will be restarted.

 

- SVCHOST.EXE: a process that handles services run from DLLs (Dynamic Link

Libraries).

 

Cunny.

 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use, Privacy Policy and Guidelines. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..