|
|
#1
May 31st, 2003, 10:12 AM
|
||||
|
||||
W32.Spreder
http://www.viruslist.com/eng/viruslist.html?id=60322
You guys got this one? (It looks like a "preparatory" virus developed by the RIAA). Pete
__________________
"When fascism comes to America it will come wrapped in the flag and carrying a cross." Sinclair Lewis |
|
#2
May 31st, 2003, 04:06 PM
|
|||
|
|||
|
Re:W32.Spreder
Edit: Since this was not a related thread, I have edited out the link to prevent any confusion. |
|
#3
May 31st, 2003, 04:12 PM
|
|||
|
|||
|
Re:W32.Spreder
Just for info... Spreader is NOT a worm it's a virus.
And the thread you point out mike refers to a worm. John did also missunderstand this - because he did post this virus info - this virus has nothing to do with this worm. Michael |
|
#4
May 31st, 2003, 04:17 PM
|
|||
|
|||
|
Re:W32.Spreder
Hey Michael - thanks for the info!
 But, just to be clear... Are you saying these are two different pieces of malware (the one noted above, and the one in that other thread)? Or, did you mean some thing different? |
|
#5
May 31st, 2003, 04:21 PM
|
|||
|
|||
|
Re:W32.Spreder
The one in the other threat is Worm/SdDrop.A
Aliases: W32/Sddrop.worm, Worm.P2P.SdDrop.b, W32.HLLW.Kamesh, Worm/Sddrop http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SDDROP.A |
|
#6
May 31st, 2003, 04:35 PM
|
|||
|
|||
|
Re:W32.Spreder
Ah, of course, now I see what happened.
 Thanks!!  |
|
#7
May 31st, 2003, 05:09 PM
|
|||
|
|||
|
Re:W32.Spreder
Spreader does infect *only* files in the Kazaa Folder - this means if you have there *.EXE or *.SCR Files this nasty writes itself to the top and appends the "normal" exefile. Kaspersky writes that the viruscode is around 60 kb and that a infected file can grow up to even 400kb - however i have here some files which are around 800 kb bigger after some GOAT-File infection tests.
This virus is at least not dangerous, cuz he does not run (infecting) files if Kazaa is not installed. If Kazaa is installed it does only infect files in the Shared Kazaa Folder. I did receive many infections from GAV users - this "dumb" virus (he is really dumb) seems to spreading very well in the last 3 days over kazaa. He is very easy to detect even without a AV cuz he does create a logfile which files he did infect. it is only a guess from me that this is a "test balloon" and the "real" virus will follow soon. Michael |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
