[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[RT] Sophos Anti-Virus IDE alert: JS/Seeker-E



PureBytes Links

Trading Reference Links


----- Original Message ----- 
From: "Sophos Alert System" <listmaster@xxxxxxxxxx>
To: <Undisclosed recipients:>
Sent: Thursday, January 03, 2002 6:00 AM
Subject: Sophos Anti-Virus IDE alert: JS/Seeker-E


 Message-Id: <20020103103821.C58411D327@xxxxxxxxxxxxxxxxx>
Date: Thu,  3 Jan 2002 10:38:21 +0000 (GMT)
 
Name: JS/Seeker-E
Type: Trojan
Date: 3 January 2002
 
A virus identity file (IDE) which provides protection is
available now from our website and will be incorporated
into the January 2002 (3.53) release of Sophos Anti-Virus.

Sophos has received several reports of this virus from the wild.

Description:

JS/Seeker-E is a malicious script which exploits a security
vulnerability detailed in Microsoft Security Bulletin MS00-075. 

 It will attempt to modify Internet Explorer settings, such as
the Start Page and Search setting, to overwrite installed
values. Generally the new settings point to sites which are
pornographic in nature. 
 
The Trojan writes to Registry values under 

HKCU\Software\Microsoft\Internet Explorer

 
Download the IDE file from
http://www.sophos.com/downloads/ide/seeker-e.ide
 
 Read the analysis at
http://www.sophos.com/virusinfo/analyses/jsseekere.html

Download a ZIP file containing all the IDE files available for
the current version of Sophos Anti-Virus from
http://www.sophos.com/downloads/ide/ides.zip
 
Read about how to use IDE files at
http://www.sophos.com/downloads/ide/using.html

To unsubscribe from this service please visit
http://www.sophos.com/virusinfo/notifications
 
 


------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tiny Wireless Camera under $80!
Order Now! FREE VCR Commander!
Click Here - Only 1 Day Left!
http://us.click.yahoo.com/WoOlbB/7.PDAA/ySSFAA/zMEolB/TM
---------------------------------------------------------------------~->

To unsubscribe from this group, send an email to:
realtraders-unsubscribe@xxxxxxxxxxxxxxx

 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/