bright.net Anti-Virus Page

WORM_FANBOT.F (Low Risk)
Over the past five days, Trend Micro has seen six variants of FANBOT, a new family of worms.

Although none have progressed very far, researchers at Trend Micro are paying particular attention to this new threat because of the potential these early variants have shown to propagate and successfully exploit a serious vulnerability that can be utilized to grant a malicious user complete access to the user’s system. Such access can be used to launch malicious attacks, install rogue software, and steal personal information. Future variants may also have the ability to spread rapidly and include additional functionality.

The FANBOT family builds on the base code of the MYTOB family and adds functionality that exploits the MS05-039 (“Plug-and-Play”) vulnerability announced in August. The author has also added the capability for this worm to propagate via P2P or file-sharing networks, in addition to more traditional email spam methods. This family also displays the following mock error message when the user clicks on the file attachment:

Error
The file could not be opened!

Launching the attached file actually executes the worm, but the message box disguises this fact by creating the illusion that the email was in fact legitimate.


October 24th, 2005
bright.net does not support or endorse these programs but has found some of them helpful. Many of the programs and links found on this page are for third-party applications and are to be used at your own risk. Should you encounter problems with the tools, you may need to consult a computer technician for further assistance.