Advanced IT Limited
Virus Alert
Updated 15 Aug : 07:48 by Advanced IT
Virus Information
Discovered: July 25, 2008
Updated: August 15, 2008 12:57:18 PM
Also Known As: Spam-Mailbot.c [McAfee]
Type: Trojan Horse

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Backdoor.Rustock.B is a back door Trojan horse that allows a compromised computer to be used as a covert proxy. It uses advanced rootkit techniques to hide any files and registry subkeys it creates.

This virus is attached to emails with the subject line: CNN.com Daily Top 10.
Please DO NOT open this message; right-click on it and select Delete. It causes about 1.5 hours of removal time per PC and will cause your company email domain to become blacklisted.
This means nobody will be able to send you an email.
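
One way a mail administrator could flag the message described above before it reaches users, shown as an added example (not Advanced IT's own tooling). The quarantine/review/pass labels and the sample messages are constructed for illustration.

```python
# Added example; the action labels are illustrative assumptions.
import email
from email import policy

ALERT_SUBJECT = "cnn.com daily top 10"  # subject line named in the alert


def normalized_subject(msg):
    """Decoded Subject, lower-cased, with runs of whitespace collapsed."""
    # policy.default decodes RFC 2047 encoded-words and unfolds the header.
    return " ".join(str(msg["Subject"] or "").split()).lower()


def has_attachment(msg):
    """True if any MIME part is marked as an attachment or carries a filename."""
    return any(
        part.get_content_disposition() == "attachment" or part.get_filename()
        for part in msg.walk()
    )


def triage(raw_bytes):
    """Return 'quarantine', 'review' or 'pass' for one raw message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    if ALERT_SUBJECT not in normalized_subject(msg):
        return "pass"
    return "quarantine" if has_attachment(msg) else "review"


# Constructed sample messages (not captured traffic).
ENCODED_WITH_ATTACHMENT = (
    b"From: sender@example.test\r\n"
    b"Subject: =?utf-8?Q?CNN.com_Daily_Top_10?=\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b1"\r\n\r\n'
    b"--b1\r\nContent-Type: text/plain\r\n\r\nsee attached\r\n"
    b"--b1\r\nContent-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="sample.bin"\r\n\r\n'
    b"AAAA\r\n--b1--\r\n"
)
FOLDED_NO_ATTACHMENT = (
    b"From: sender@example.test\r\n"
    b"Subject: Fwd: CNN.com   Daily\r\n Top 10\r\n\r\nbody\r\n"
)
UNRELATED = b"From: a@example.test\r\nSubject: Weekly report\r\n\r\nbody\r\n"

if __name__ == "__main__":
    for name, raw in [("encoded", ENCODED_WITH_ATTACHMENT),
                      ("folded", FOLDED_NO_ATTACHMENT),
                      ("unrelated", UNRELATED)]:
        print(name, triage(raw))
```

Matching on the decoded, whitespace-normalized subject catches encoded or folded variants of the same subject line that a plain string comparison on the raw header would miss.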

Protection
• Initial Rapid Release version July 5, 2006
• Latest Rapid Release version August 9, 2008 revision 020
• Initial Daily Certified version July 5, 2006
• Latest Daily Certified version August 9, 2008 revision 019
• Initial Weekly Certified release date July 5, 2006

Threat Assessment
• Wild Level: Moderate
• Number of Infections: 0 - 49
• Number of Sites: 0 - 2
• Geographical Distribution: Low
• Threat Containment: Moderate
• Removal: Complicated

Damage
• Damage Level: Severe. Most PCs fail to boot.

Distribution
• Distribution Level: Medium 

Recommendations
 
Protection
Advanced IT encourages all users and administrators to adhere to the following basic security "best practices":

• If a blended threat exploits one or more network services, disable or block access to those services until a patch is applied by Advanced IT. Please contact one of our Systems Engineers as soon as possible.

• Always keep your antivirus levels up to date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services. For example, all Windows-based computers should have the current Service Pack installed.

• Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised. Also, changing your password regularly increases physical security and is a good best practice to maintain.

• Isolate infected computers quickly to prevent further compromise of your organization. Contact Advanced IT to perform a forensic analysis and restore the computers using trusted media.

• Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.

Advanced IT recommends contacting our support services team before attempting to recover or repair any of your corporate systems or workstations. There are many steps that can be put in place to prevent data loss and reduce the spread of damage to your company network.


©2008 Advanced IT Limited. All Rights Reserved.