BestTechie Forums: Virus Alert - BestTechie Forums


Virus Alert from trend micro


#1 User is offline   martymas 

  • martymas
  • Group: Members
  • Posts: 4317
  • Joined: 23-August 04
  • Location:Christchurch, South Island, New Zealand
  • Operating System:win7 ultimate

Posted 27 August 2004 - 05:05 PM

hi team if this hasn't been posted before. be careful out there
not sure if this is the right place to post this
marty

To read an HTML version of this newsletter, go to:
http://www.trendmicr...rt/overview.htm

Issue Preview:

1. Trend Micro Updates - Pattern File & Scan Engine Updates
2. Proof-of-Concept Virus – W64_SHRUGGLE.A (Low Risk)
3. Top 10 Most Prevalent Global Malware
4. OfficeScan Corporate Edition 6.5 – New Demo Available

NOTE: Long URLs may break into two lines in some mail readers.
Should this occur, please copy and paste the URL into your browser window.

************************************************************************

1. Trend Micro Updates - Pattern File & Scan Engine Updates
------------------------------------------------------------------------
PATTERN FILE: 2.162.00 http://www.trendmicr...oad/pattern.asp
SCAN ENGINE: 7.100
http://www.trendmicr...load/engine.asp

2. Proof-of-Concept Virus – W64_SHRUGGLE.A (Low Risk)
------------------------------------------------------------------------
W64_SHRUGGLE.A is the second malware discovered that infects 64-bit
Windows Portable Executable (PE) files. The first such virus, W64_RUGRAT.A,
and this virus are believed to be created by the same author, who calls
himself roy g biv. While W64_RUGRAT.A infected 64-bit files running on
IA64 (Intel Itanium) processors, this virus is intended to infect PE files
running on AMD 64-bit systems. Both of these 64-bit viruses are considered
proof-of-concept viruses, meaning the author is probably trying to prove
that new systems are susceptible to virus attacks. W64_SHRUGGLE.A is
currently spreading in-the-wild, and infecting Windows 64-bit systems.

Upon execution, this virus searches for target files in the current
folder and subfolders. It then infects every 64-bit file (AMD64 only) that it
finds. It then passes this file through some filtering criteria, appends
its code to the last section of the host file, and then modifies the
section as executable. Garbage data may be appended at the end of the virus
code to further avoid detection.

This virus does not infect 32-bit files and does not run in 32-bit
processors without software to support AMD64-bit programs. All infected files
contain the following signature string: "Shrug - roy g biv"

If you would like to scan your computer for W64_SHRUGGLE.A or thousands
of other worms, viruses, Trojans and malicious code, visit HouseCall,
Trend Micro's free, online virus scanner at: http://housecall.trendmicro.com/

W64_SHRUGGLE.A is detected and cleaned by Trend Micro pattern file
2.163.06 and above.

For additional information about WORM_RATOS.A please visit: http://www.trendmicro.com/vinfo/virusencyc...e=W64SHRUGGLE.A

3. Top 10 Most Prevalent Global Malware
(from August 20, 2004 to August 26, 2004)
------------------------------------------------------------------------
1. WORM_SASSER.B
2. PE_ZAFI.B
3. WORM_NETSKY.P
4. HTML_NETSKY.P
5. WORM_NETSKY.D
6. JAVA_BYTEVER.A
7. WORM_RATOS.A
8. TROJ_AGENT.EG
9. TROJ_AGENT.AE
10. WORM_NETSKY.Q

4. OfficeScan Corporate Edition 6.5 - New Demo Available
------------------------------------------------------------------------
Trend Micro™ OfficeScan™ Corporate Edition is an integrated enterprise
client security solution designed to protect against the daily threats of
file-based and network viruses as well as secure access from intruders,
spyware, and other threats. Security policy is enforced with Cisco network
access devices that support Network Admission Control (NAC), or through
Network VirusWall.
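
The indicators listed in the newsletter in post #1 (a 64-bit AMD64 PE file, a last section marked executable, and the "Shrug - roy g biv" string) can be checked with a short triage script. This is an added example, not part of the original thread or of Trend Micro's scanner; the function names and the constructed sample image are assumptions made for illustration.

```python
import struct

SIGNATURE = b"Shrug - roy g biv"  # string the newsletter says every infected file contains
MACHINE_AMD64 = 0x8664            # IMAGE_FILE_MACHINE_AMD64
PE32_PLUS = 0x20B                 # optional-header magic of a 64-bit (PE32+) image
SCN_MEM_EXECUTE = 0x20000000      # IMAGE_SCN_MEM_EXECUTE
SECTION = "<8sIIIIIIHHI"          # 40-byte section header

def triage(data: bytes) -> dict:
    """Indicators for one file image; {} if it is not an AMD64 PE32+ file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return {}
    pe = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if pe + 26 > len(data) or data[pe:pe + 4] != b"PE\0\0":
        return {}
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    magic = struct.unpack_from("<H", data, pe + 24)[0]
    table = pe + 24 + opt_size
    if machine != MACHINE_AMD64 or magic != PE32_PLUS or nsect == 0:
        return {}                                          # 32-bit and IA64 files are out of scope
    if table + 40 * nsect > len(data):
        return {}                                          # truncated section table
    sections = []
    for i in range(nsect):
        f = struct.unpack_from(SECTION, data, table + 40 * i)
        sections.append((f[4], f[9], f[0].rstrip(b"\0").decode("latin-1")))
    _, flags, name = max(sections)                         # section stored last in the file
    executable = bool(flags & SCN_MEM_EXECUTE)
    signed = SIGNATURE in data
    return {"last_section": name, "last_section_executable": executable,
            "signature_found": signed, "suspect": executable and signed}

def build_sample(last_flags: int, payload: bytes) -> bytes:
    """Constructed header-only test image with two sections; not a loadable program."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", MACHINE_AMD64, 2, 0, 0, 0, 2, 0)
    opt = struct.pack("<H", PE32_PLUS)                     # magic only, enough for this parser
    text = struct.pack(SECTION, b".text", 16, 0x1000, 16, 0x100, 0, 0, 0, 0, 0x60000020)
    last = struct.pack(SECTION, b".rsrc", len(payload), 0x2000, len(payload), 0x110, 0, 0, 0, 0, last_flags)
    return (dos + coff + opt + text + last).ljust(0x100, b"\0") + b"\x90" * 16 + payload

if __name__ == "__main__":
    marked = build_sample(0x60000040, b"\0" * 8 + SIGNATURE + b"\xcc" * 8)
    plain = build_sample(0x40000040, b"resource data")
    print(triage(marked))
    print(triage(plain))
```

An executable last section also occurs in legitimate files, so the script sets "suspect" only when the string is present as well.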

#2 User is offline   Besttechie 

  • Mr. President
  • Group: Admin
  • Posts: 2991
  • Joined: 23-August 04
  • Location:New York
  • Operating System:OS X

Posted 27 August 2004 - 05:10 PM

Thanks for the alert Marty.


B

#3 User is offline   tg1911 

  • UberTechie
  • Group: Members
  • Posts: 1245
  • Joined: 23-August 04
  • Location:SW Louisiana
  • Operating System:Windows XP Home

Posted 27 August 2004 - 06:27 PM

Quote

All infected files contain the following signature string: "Shrug - roy g biv"

Used to use that name to remember the colors of a rainbow. lol
r - red
o - orange
y - yellow
g - green
b - blue
i - indigo
v - violet
