Sécurité Proactive
W32/MSNSpamta.A
Threat risk
Threat risk low
|
Detection files published:
20 Nov. 2007 |
Description created:
2007-11-22 |
Description updated:
2007-11-22 |
|
Alias:
|
Spreading mechanism
Other | |
|
Payload:
Harvests email adresses, steals documents | ||
Summary
The malware disguises itself as a link to a JPEG-image from a random hotmail address. It has a double-extension - .JPEG.EXE.
Spreading description
MSNSpamta.A propagates through MSN (Microsoft Messenger).
Threat description
The worm attempts to harvest email addresses from documents with the following file extensions:
- csv
- txt
- wab
and attempts to steal documents containing the file extensions:
- c
- asm
- cpp
- inc
- nfo
- info
- h
- wpd
- sxw
- xml
- jtd
- hwp
- wps
- dif
- dbf
- sdc
- slk
- wk1
- wks
- 123
- eps
- ps
- ott
- rtf
- sdw
- php
- doc
- htm
- html
- tmp
- sys
- chm.
Removal
General information about removal of malicious software
Norman's antivirus products are in general able to remove all malicious software that is detected.
Some malware, however, uses techniques that the general product does not remove sufficiantly. We have therefore developed the free product Norman Malware Cleaner. Please use the latest version of this program from the link below - if your Norman antivirus is unable to clean-up the infection.
| Utilisation | Titre | Commentaire |
|---|---|---|
| Stopper la propagation des virus sur les partages réseau | ||
| Cleaning of back-up folders on Windows Me and XP |
