Focus on Virus
New Malware? Jul 20 2006 11:55AM
Bruce Martins (BMartins extend COM) (2 replies)
Re: New Malware? Jul 20 2006 03:36PM
Luis Diaz Kaspersky (luis diaz kaspersky com mx)
Hi

You are right is a trojan-proxy
Kaspersky Detect it Trojan-Proxy.Win32.Ranky.fw

Kaspersky Anti-Virus reports a virus
in the following message:
----------------------
From:BMartins (at) extend (dot) COM [email concealed]
To:luis.diaz (at) kaspersky.com (dot) mx [email concealed]
Sent on: 20/07/06 10:26:36
MessageID:<C629A6599EAF2B4C97CC314771BC292C06846B42 (at) mail.extend (dot) com [email concealed]>

GoogleToolbarFirefox.exe(application/octet-stream) infected
Trojan-Proxy.Win32.Ranky.fw

Regards

Luis Diaz

----- Original Message -----
From: "Bruce Martins" <BMartins (at) extend (dot) COM [email concealed]>
To: <focus-virus (at) securityfocus (dot) com [email concealed]>
Sent: Thursday, July 20, 2006 6:55 AM
Subject: New Malware?

I had a user who received an e-mail pretending to be from google updates
with a subject line of "New Google Toolbar Released"

The link actually takes them to=20

http://googletoolbar.com.sapo.pt

None of the AV scanners picked this up when downloading the EXE,
perimeter, nor desktop, and even with the latest definitions and scan
engines.

The file is called GoogleToolbarFirefox.exe

I am assuming this is some sort of Trojan or exploit of firefox.

Unfortunately the user ran the file as well, has anyone else out there
seen this or know what this may be ? I have submitted the file for
further testing.

Bruce Martins
Information Systems Manager
EXTEND>>MEDIA
190 Liberty Street
Toronto, Ontario
Canada
M6K 3L5
_______________________
e:bmartins (at) extend (dot) com [email concealed]
t: (416) 535-4222 ext. 2307
f: (416) 535-1201
http://www.extend.com

[ reply ]
Re: New Malware? Jul 20 2006 03:04PM
.myke lyons (Myke Lyons cmtww com)


 

Privacy Statement
Copyright 2010, SecurityFocus