Another Alert

[martymas]

hi team if this hasnet been posted before just recieved it this morning

marty

2. What's a WOOT? – WORM_WOOTBOT.BJ (Low Risk)

3. Top 10 Most Prevalent Global Malware

4. Trend Micro PC-cillin Internet Security 2005 Now Available

NOTE: Long URLs may break into two lines in some mail readers.

Should this occur, please copy and paste the URL into your browser window.

************************************************************************

1. Trend Micro Updates - Pattern File & Scan Engine Updates

------------------------------------------------------------------------

PATTERN FILE: 2.208.00 http://www.trendmicro.com/download/pattern.asp

SCAN ENGINE: 7.100 http://www.trendmicro.com/download/engine.asp

2. What's a WOOT? – WORM_WOOTBOT.BJ (Low Risk)

------------------------------------------------------------------------

WORM_WOOTBOT.BJ is a non-destructive worm that takes advantage of the

Windows LSASS vulnerability in order to propagate. It drops a copy of

itself into default shared folders of unpatched machines. It steals the CD

keys of popular game applications, Microsoft Windows Product IDs, and Yahoo

Messenger IDs. It updates itself by creating the file 1.BAT and executing

it afterwards. This batch file downloads a copy of the worm from the

Internet and then executes it on the compromised system. This worm is

currently spreading in-the-wild and infecting systems that are running on Windows

95, 98, ME, NT, 2000, and XP.

Upon execution, this worm drops a copy of itself as SERVICED.EXE in the

Windows system folder. It executes its dropped copy and then deletes

itself afterwards. It then adds several registry entries, that allow it to

run automatically at every system startup.

This worm exploits the Windows LSASS vulnerability to propagate. This

vulnerability is a buffer overrun that allows remote code execution and

allows an attacker to gain full control of infected systems. This

vulnerability is discussed in more detail on the Trend Micro Security Advisories page

at: http://www.trendmicro.com/en/security/advi...es/ms04-011.htm

This worm copies and executes itself on vulnerable systems and searches

for the following default network shares:

ADMIN$

C$

D$

IPC$

It steals Microsoft Windows Product IDs and Yahoo Messenger IDs, as well

as the CD keys of the following popular games:

Battlefield 1942

Battlefield 1942: Secret Weapons Of WWII

Battlefield 1942: The Road To Rome

Battlefield 1942: Vietnam

Black and White

Command and Conquer: Generals

Command and Conquer: Generals: Zero Hour

Command and Conquer: Red Alert2

Command and Conquer: Tiberian Sun

Counter-Strike

FIFA 2002

FIFA 2003

Freedom Force

Global Operations

Gunman Chronicles

Half-Life

Hidden and Dangerous 2

IGI2: Covert Strike

Industry Giant 2

James Bond 007: Nightfire

Medal of Honor: Allied Assault

Medal of Honor: Allied Assault: Breakthrough

Medal of Honor: Allied Assault: Spearhead

Nascar Racing 2002

Nascar Racing 2003

Need For Speed: Hot Pursuit 2

Need For Speed: Underground

Neverwinter Nights

NHL 2002

NHL 2003

Ravenshield

Shogun: Total War: Warlord Edition

Soldier Of Fortune 2

Soldiers Of Anarchy

The Gladiators

Unreal Tournament 2003

Unreal Tournament 2004

This worm appears to possess backdoor capabilities. It updates itself by

creating and executing the file 1.BAT. which downloads a copy of the

worm from the Internet and then executes it on the compromised system.

If you would like to scan your computer for WORM_WOOTBOT.BJ or thousands

of

other worms, viruses, Trojans and malicious code, visit HouseCall, Trend

Micro's free, online virus scanner at: http://housecall.trendmicro.com/

WORM_WOOTBOT.BJ is detected and cleaned by Trend Micro pattern file

#2.206.00

and above.

For additional information about WORM_WOOTBOT.BJ please visit: http://www.trendmicro.com/vinfo/virusencyc...WORM_WOOTBOT.BJ

3. Top 10 Most Prevalent Global Malware

(from October 15, 2004 to October 21, 2004)

------------------------------------------------------------------------

1. WORM_NETSKY.P

2. PE_ZAFI.B

3. HTML_NETSKY.P

4. WORM_NETSKY.D

5. JAVA_BYTEVER.A

6. WORM_NETSKY.B

7. WORM_NETSKY.C

8. WORM_ANIG.A

9. WORM_NETSKY.Q

10. HTML_CITIFRAUD.C

4. Trend Micro PC-cillin Internet Security 2005 Now Available

------------------------------------------------------------------------

Trend Microâ„¢ PC-cillinâ„¢ Internet Security 2005 protects your PC and

home network against all types of viruses, worms, Trojans, and blended

threats—including network viruses such as MYDOOM and SASSER. It also blocks

hackers, detects and removes spyware, guards against phishing attacks,

filters unwanted content, and minimizes spam. New features include Home

Network Control and Wi-Fi Intrusion Detection which extends desktop security to

your home and wireless networks.

Key Features:

-Comprehensive Virus Security

-Enhanced Spyware Detection and Removal

-Anti-Phishing –New!

-Home Network Control –New!

-Wi-Fi Intrusion Detection –New!

-Improved Spam Filtering

-Personal Firewall

Read more about Trend Micro PC-cillin Internet Security 2005:

http://www.trendmicro.com/en/products/desk...te/overview.htm

********************************************************************************

***

______________________________________________________________________

This message was sent by Trend Micro's Newsletters Editor using Responsys

Interact .

To unsubscribe from Trend Micro's Newsletters Editor:

http://trendnewsletter.rsc03.net/servlet/o...RFpgLmDgLmDgSE0

To update your subscription preference, or to change your email address:

http://trendnewsletter.rsc03.net/servlet/w...kNlyLihkm_UT_VV

To view our permission marketing policy:

http://www.rsvp0.net

Copyright 1989-2004 Trend Micro, Inc. All rights reserved

Tren

[tg1911]

Thanks for theupdate, Marty.

[thesidekickcat]

Thanks for the info, Marty.

Each time I hear of these new and ever more destructive things, I wonder why the people who write them can't put their computer talents towards benefiting others. Why do they need to do bad things to people to be satisfied with their sorry lives? How can they live with themselves knowing the trouble they cause? What a waste of talent/knowledge. How sad that they don't do good instead of harm. Shame on them for what they do to harm others.

God bless everyone.

[martymas]

yes i agree with that i wished i had one tenth of that talent.isnt it human nature to take advantage of the not so talented we only have to lookat around us

wars killings ect and these people who write virus and spy ware.

just as well people like you i and are street wise .

i have a friends whos son is trying to learn hacking.and i get so angry.he keeps at me to inquire on the board.but no way will i do that

marty

[sultan_emerr]

Thanks Marty