New email password stealing virus
News article

Today I started to receive dozens of emails containing a new virus/trojan that is not known to my antivirus programs yet.

It appears in emails coming from advisor.microsoft.com and contains an HTML page made to look like a very basic Microsoft homepage.
Microsoft never sends out any updates or other files by email, so you can be sure this is either a virus, a trojan, or spam.
In this specific case, the email is 156 KB in size and contains attachments with different names. If you were to install it (which you should not), it would at a later point display a fake error message asking you to re-enter all your email account details, claiming that otherwise your Outlook or Outlook Express would be rendered non-functional (which is not true, as this is not a real MAPI error and has nothing to do with Outlook or Outlook Express). It also seems to have the capability to disable the Outpost firewall, so that it can send out your email account data secretly.
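The traits described above (a claimed microsoft.com sender, an HTML body, and a file attached under varying names) can be checked on the mail gateway or in a mailbox sweep. The following is an added example, not part of the original article or of any product mentioned in it; the function names, the sample addresses and the `sample.bin` attachment are constructed for illustration, and because a From header is trivially forged the rule only flags the lure, it does not prove who sent it.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

SPOOFED_DOMAIN = "microsoft.com"  # domain named in the article


def check_message(raw: bytes) -> dict:
    """Flag mail that claims a microsoft.com sender yet carries a file."""
    msg = message_from_bytes(raw, policy=policy.default)
    addr = parseaddr(str(msg.get("From", "")))[1].lower()
    domain = addr.rpartition("@")[2]
    claims_ms = domain == SPOOFED_DOMAIN or domain.endswith("." + SPOOFED_DOMAIN)
    has_html = any(p.get_content_type() == "text/html" for p in msg.walk())
    files = [p.get_filename() or "(unnamed)" for p in msg.iter_attachments()]
    return {
        "sender_domain": domain,
        "html_body": has_html,
        "attachments": files,
        "size_kb": len(raw) // 1024,
        # Attachment names vary per copy, so the rule keys on the
        # combination "Microsoft sender + any file", not on a file name.
        "suspicious": claims_ms and bool(files),
    }


def build_sample(sender: str, attach: bool) -> bytes:
    """Constructed test mail; the attachment bytes are inert filler."""
    m = EmailMessage()
    m["From"] = sender
    m["To"] = "user@example.org"
    m["Subject"] = "constructed sample"
    m.set_content("plain text part")
    m.add_alternative("<html><body>sample page</body></html>", subtype="html")
    if attach:
        m.add_attachment(b"\x00" * 2048, maintype="application",
                         subtype="octet-stream", filename="sample.bin")
    return m.as_bytes()


if __name__ == "__main__":
    for sender, attach in [("Support <news@advisor.microsoft.com>", True),
                           ("Support <news@advisor.microsoft.com>", False),
                           ("friend@example.net", True)]:
        print(check_message(build_sample(sender, attach)))
```

Only the first constructed message is flagged: the second has no attachment and the third does not claim a Microsoft sender.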

Example screenshot

As a general rule: never open attachments you didn't request!

Detection for this trojan has been added as Email-Stealer-MAPI32 to the next update; please do not try to manually remove the file without fixing your registry first, because removing the file first will render your Windows installation quite useless!

Update: this is now detected as W32/Gibe-F by some AVs.