Posts Tagged ‘arbitrary files’

MSRT January 2013 – Ganelp

Jan

2013

To start the new year, we have added the Win32/Ganelp and Win32/Lefgroo families of worms to the January release of the Malicious Software Removal Tool. Win32/Ganelp spreads via removable drives, uploads stolen information and downloads arbitrary files from remote FTP servers. We have had detection signatures for this family for approximately 2 years and it continues to […]

Category General Written by Microsoft Malware Protection Center 0 Comments

An analysis of Dorkbot’s infection vectors (part 2)

Nov

2012

In part 1 of this series, we talked about Dorkbot and its spreading mechanisms that required user interaction. In this post, we’ll talk about how Dorkbot spreads automatically, via drive-by downloads and Autorun files. Spreading vectors not requiring user interaction: Drive-by downloads and Autorun files Dorkbot can also spread automatically, without user interaction. We recently […]

Category General Written by Microsoft Malware Protection Center 0 Comments

Operation b79 (Kelihos) and Additional MSRT September Release

Sep

2011

For the month of September, Microsoft is adding the Win32/Kelihos family to a second release of the Malicious Software Removal Tool. This additional release is to support the most recent action in Project MARS- Operation b79 which targets the Kelihos botnet. Operation b79 builds on the successes of the Rustock and Waledac takedowns. This operation […]

Category General Written by Microsoft Malware Protection Center 0 Comments

The Latest in IT Security

Posts Tagged ‘arbitrary files’

MSRT January 2013 – Ganelp

An analysis of Dorkbot’s infection vectors (part 2)

Operation b79 (Kelihos) and Additional MSRT September Release

Categories

Featured

Archives

Latest Comments

About Us

Contact Us