 7/30: Tompai-A Has Backdoor Functionality |
 |
|
|
|
|
|
7/30: Tompai-A Has Backdoor Functionality
July 30, 2004
W32/Tompai-A is a virus with backdoor functionality for the Windows platform.
The virus creates three copies of itself in the windows system folder. One copy is named mainsv.exe the others are randomly chosen from the following pairs of names:
loadms.exe & loadmsnt.exe
cmpku.exe & cmpkunt.exe
netcompt.exe & netcomptnt.exe
ptsnopt.exe & ptsnoptnt.exe
ntdllf.exe & ntdllfnt.exe
The virus also infects exe files on the local hard disk and creates copies of itself with the following names:
the_matrix.scr
mario_2.pif
matrix_desktop.pif
mp3_convert.pif
Zsnes_win.pif
VRMLpad_crack.pif
matrix3Dsetup.pif
Dx_ball2_Setup.pif
Crack_tools.exe
More information is at Sophos page.
|
|
|
|
|
Sophos Small-Business Suite Fights Viruses, Spam
Worm Spreads Via Email With Variable Characteristics
ISPs Band Together Against Spam
MIT Warns of Kerberos 5 Flaws
8/3: Scaner-A Worm Uses Port 445
Macromedia Patches MX 2004 Security Flaws
2/15: Randex-COX a Network-Aware Worm
Application Insecurity --- Who is at Fault?
3/8: SymbOS/Commwarrior-A Hits Nokia
Virus-Powered Phishing Unleashed
3/30: Kelvir-F IM Worm Sends Message
Security Camera Articles
 |
