elamb » Worm http://elamb.org information system security, risk management, scam research Mon, 28 Nov 2011 02:27:55 +0000 en hourly 1 http://wordpress.org/?v=3.2.1 Riparare File Dnsrslve Da W32 Spybot Worm http://elamb.org/riparare-file-dnsrslve-da-w32-spybot-worm/?utm_source=rss&utm_medium=rss&utm_campaign=riparare-file-dnsrslve-da-w32-spybot-worm http://elamb.org/riparare-file-dnsrslve-da-w32-spybot-worm/#comments Sun, 02 Dec 2007 01:24:04 +0000 elamb.security dnsrslve riparare spybot w32 gen rbot worm apn http://elamb.org/riparare-file-dnsrslve-da-w32-spybot-worm/ more on: Riparare File Dnsrslve Da W32 Spybot Worm

Dnsrslve.exe [DNS Resolver] is a virus added by the W32/Rbot-WS worm also know as Backdoor.Win32.Rbot.gen, W32/Sdbot.worm.gen.g, WORM_SDBOT.APN.

ref: http://sophos.com

Tags: , , ,

]]> http://elamb.org/riparare-file-dnsrslve-da-w32-spybot-worm/feed/ 0 recuperar informacion malograda por w32 pawur http://elamb.org/recuperar-informacion-malograda-por-w32-pawur/?utm_source=rss&utm_medium=rss&utm_campaign=recuperar-informacion-malograda-por-w32-pawur http://elamb.org/recuperar-informacion-malograda-por-w32-pawur/#comments Sun, 02 Dec 2007 01:15:57 +0000 elamb.security pawur win32 anzae w32 tasin nombre inzae worm http://elamb.org/recuperar-informacion-malograda-por-w32-pawur/ Continue reading ]]> information on Riparare file dnsrslve da w32 spybot worm

W32@pawur is a worm. More information on pawur

Nombre: W32/Pawur.A
Nombre NOD32: Win32/Pawur.A
Tipo: Gusano de Internet
Alias: Pawur.A, Tasin.A, Anzae, I-Worm.Pawur.A, I-Worm.Pawur.a, I-Worm.VB.w, I-Worm/Pawur.A, NewHeur_PE, W32.Inzae.A, W32/Anzae.Worm, W32/Tasin.A.worm, Win32/Inzae.A.Dropper, Win32/Pawur.A, WORM_ANZAE.A, W32/Anzae-A, W32/Insae.A@mm, Email-Worm.Win32.Pawur.a, Win32.HLLM.Pawur
Fecha: 22/nov/04
Plataforma: Windows 32-bit
Tamaño: 49,331 bytes

Tags: , , , , , , , , ,

]]> http://elamb.org/recuperar-informacion-malograda-por-w32-pawur/feed/ 0 Netdrvr Ext W32 Spybot Worm http://elamb.org/netdrvr-ext-w32-spybot-worm/?utm_source=rss&utm_medium=rss&utm_campaign=netdrvr-ext-w32-spybot-worm http://elamb.org/netdrvr-ext-w32-spybot-worm/#comments Mon, 26 Nov 2007 06:38:11 +0000 elamb.security netdrvr ext ext spybot w32 worm exe exe http://elamb.org/netdrvr-ext-w32-spybot-worm/ Continue reading ]]> Those looking for “Netdrvr Ext W32 Spybot Worm

You typed “Netdrvr Ext” Did you mean “netdrvr.exe”?

If you meant “netdrvr.exe” then you definitely have malware. More than likely you have a virus running in a critical system folder of Windows: C:\Windows\System32\netdrvr.exe. This virus looks like it might be a device driver (Network DRV) but it is like a cancer to your system resources and privacy.

This virus can be removed with free tools such as Adaware, HijackThis or Microsoft’s Autoruns (recommended).

Tags: , , , , , ,

]]> http://elamb.org/netdrvr-ext-w32-spybot-worm/feed/ 0 Gathering ‘Storm’ Superworm Poses Grave Threat to PC Nets http://elamb.org/gathering-storm-superworm-poses-grave-threat-to-pc-nets/?utm_source=rss&utm_medium=rss&utm_campaign=gathering-storm-superworm-poses-grave-threat-to-pc-nets http://elamb.org/gathering-storm-superworm-poses-grave-threat-to-pc-nets/#comments Fri, 05 Oct 2007 15:38:08 +0000 elamb.security storm worm infected rolled estimates batters attachment attachments http://elamb.org/gathering-storm-superworm-poses-grave-threat-to-pc-nets/ Continue reading ]]> The Storm worm first appeared at the beginning of the year, hiding in e-mail attachments with the subject line: “230 dead as storm batters Europe.” Those who opened the attachment became infected, their computers joining an ever-growing botnet.

Although it’s most commonly called a worm, Storm is really more: a worm, a Trojan horse and a bot all rolled into one. It’s also the most successful example we have of a new breed of worm, and I’ve seen estimates that between 1 million and 50 million computers have been infected worldwide.

 

More here.

Tags:

]]> http://elamb.org/gathering-storm-superworm-poses-grave-threat-to-pc-nets/feed/ 0 New IM worm chats with its intended victims http://elamb.org/new-im-worm-chats-with-its-intended-victims/?utm_source=rss&utm_medium=rss&utm_campaign=new-im-worm-chats-with-its-intended-victims http://elamb.org/new-im-worm-chats-with-its-intended-victims/#comments Thu, 08 Dec 2005 11:57:57 +0000 elamb.security
Warning: Invalid argument supplied for foreach() in /home/elamb_security/elamb.org/wp-content/plugins/autometa/autometa.php on line 300
http://elamb.org/?p=359 Continue reading ]]> A new worm that targets users of America Online's AOL Instant Messenger
is believed to be the first that actually chats with the intended
victim to dupe the target into activating a malicious payload, IM
security vendor IMlogic warned Tuesday.

read more | digg story

]]> http://elamb.org/new-im-worm-chats-with-its-intended-victims/feed/ 0 Are you getting email from the FBI or CIA? (new malicious code) http://elamb.org/are-you-getting-email-from-the-fbi-or-cia-new-malicious-code/?utm_source=rss&utm_medium=rss&utm_campaign=are-you-getting-email-from-the-fbi-or-cia-new-malicious-code http://elamb.org/are-you-getting-email-from-the-fbi-or-cia-new-malicious-code/#comments Mon, 28 Nov 2005 22:36:07 +0000 elamb.security
Warning: Invalid argument supplied for foreach() in /home/elamb_security/elamb.org/wp-content/plugins/autometa/autometa.php on line 300
http://elamb.org/?p=342 Dear Sir/Madam, We have logged your IP-address on more than 30 illegal Websites.

Sober worm pretends to be an email from the FBI or CIA. 

read more | digg story

]]> http://elamb.org/are-you-getting-email-from-the-fbi-or-cia-new-malicious-code/feed/ 0 w32 Zotob http://elamb.org/w32-zotob/?utm_source=rss&utm_medium=rss&utm_campaign=w32-zotob http://elamb.org/w32-zotob/#comments Mon, 22 Aug 2005 13:16:01 +0000 elamb.security
Warning: Invalid argument supplied for foreach() in /home/elamb_security/elamb.org/wp-content/plugins/autometa/autometa.php on line 300
http://elamb.org/?p=164 Continue reading ]]> Here is more info on the Zotob. 

This page covers:

How to remove Zotob?

Automated “FixZotob.exe” type tools from Symantec & Microsoft

What is the Zotob and what kind of damage can it do?

Not much.. unless it connects with the outside IRC.

Who created the Zotob?

Diabl0 (Turkey)

Why was Zotob created? bot wars?

http://elamb.blogharbor.com/hacked/zotob.htm

]]> http://elamb.org/w32-zotob/feed/ 0 Zotob.A Worm pandemic http://elamb.org/zotoba-worm-pandemic/?utm_source=rss&utm_medium=rss&utm_campaign=zotoba-worm-pandemic http://elamb.org/zotoba-worm-pandemic/#comments Thu, 18 Aug 2005 22:32:26 +0000 elamb.security
Warning: Invalid argument supplied for foreach() in /home/elamb_security/elamb.org/wp-content/plugins/autometa/autometa.php on line 300
http://elamb.org/?p=162 Continue reading ]]> The Zotob Worm has spread across three continents and has brought down systems at CNN, ABC and other networks.  It is a decendant of Mytob.  Zotob exploits the “plug and play” features of unpatched Win 2000 systems and earlier versions of Windows XP. 

 

The Zotob Worm, like most worms, slows down network connectivity, can shut down/reboot a system, attempts to spread to other systems on the network and ultimately will connect with a remote server to allow downloads of more destructive malware such as virus’ and Trojans.

 

Zotob Worm Variants:

http://securityresponse.symantec.com/avcenter/vinfodb.html

 

Summary:

http://singe.rucus.net/blog/archives/510-MS05-039-and-the-Zotob-summary.html

 

http://singe.rucus.net/blog/archives/510-MS05-039-and-the-Zotob-summary.html

]]> http://elamb.org/zotoba-worm-pandemic/feed/ 0