phpbb and sql errors asp sqlserver odbc sql errors
click to see newsfeed

Newsfeed
(click to hide)

about this feed

Today´s Diary

If you have more information or corrections regarding our diary, please share.

Share |
Published: 2010-03-17,
Last Updated: 2010-03-17 18:34:37 UTC
by Deborah Hale (Version: 1)
0 comment(s)

One of our readers just advised us that the college that he is associated with has had a major outbreak of  Trojan.Win32.Scar.bwgf (Kaspersky).  Michael reported:

"We are now in major clean up mode.  All the file servers have been removed from the network to prevent further spread.

Basically the virus hides all the files in a directory and the directory itself.  It then adds a file of 74K with the same name as the file with a .exe.  So a user wishing to open
their word document would actually be infecting themselves with the virus."

Michael asked if we had received any other reports of infection from this Trojan.  A quick look on Google it appears that some variation of this has been around for a while.  
It looks like his campus may be dealing with an updated version. 
 

If anyone else is seeing any activity for this Trojan give us a shout.  Thanks Michael for reporting this to us.

 

Deb Hale Long Lines, LLC

Keywords: Trojan Scar
0 comment(s)

If you have more information or corrections regarding our diary, click here to contact us.

Diary Archive

DateAuthorTitle
2010-03-17Deborah Hale Trojan outbreak on a College Campus
2010-03-16Lenny Zeltser Trouble Ticket Express Exploit in the Wild a Day After the Vulnerability Announcement
2010-03-16Lenny Zeltser Internet Explorer 9 "Platform Preview" Now Available From Microsoft
2010-03-15Adrien de Beaupre Spamassassin Milter Plugin Remote Root Attack
2010-03-14Marcus Sachs DST Issue in Windows 7 Ultimate?
2010-03-13Marcus Sachs Evil Sports Sites
2010-03-11donald smith Cert write up on Skype IMBot Logic and Functionality.
2010-03-11donald smith Interesting SKYPE SPIM.
2010-03-10Rob VandenBrink What's My Firewall Telling Me? (Part 4)
2010-03-10Rob VandenBrink Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7
Complete Archive
Search Diaries: