Sicurezza IT proattiva
- SandBox Information Center
- Malware Analysis Search
- Articoli sulla sicurezza
- Blog sulla sicurezza [EN]
- Livello di pericolosità [EN]
- Minacce attuali di virus
- Tipi di malware [EN]
- Descrizione dei virus [EN]
- Statistiche sulla posta elettronica [EN]
- Testi, white paper generici ed altro
- La tecnologia Norman
W32/MSNSpamta.A
Threat risk
Threat risk low
|
Detection files published:
20 Nov. 2007 |
Description created:
2007-11-22 |
Description updated:
2007-11-22 |
|
Alias:
|
Spreading mechanism
Other | |
|
Payload:
Harvests email adresses, steals documents | ||
Summary
The malware disguises itself as a link to a JPEG-image from a random hotmail address. It has a double-extension - .JPEG.EXE.
Spreading description
MSNSpamta.A propagates through MSN (Microsoft Messenger).
Threat description
The worm attempts to harvest email addresses from documents with the following file extensions:
- csv
- txt
- wab
and attempts to steal documents containing the file extensions:
- c
- asm
- cpp
- inc
- nfo
- info
- h
- wpd
- sxw
- xml
- jtd
- hwp
- wps
- dif
- dbf
- sdc
- slk
- wk1
- wks
- 123
- eps
- ps
- ott
- rtf
- sdw
- php
- doc
- htm
- html
- tmp
- sys
- chm.
Removal
General information about removal of malicious software
Norman's antivirus products are in general able to remove all malicious software that is detected.
Some malware, however, uses techniques that the general product does not remove sufficiantly. We have therefore developed the free product Norman Malware Cleaner. Please use the latest version of this program from the link below - if your Norman antivirus is unable to clean-up the infection.
| Utilizzo | Titolo | Commento |
|---|---|---|
| Blocco dei virus che infettano le condivisioni di rete | ||
| Cleaning of back-up folders on Windows Me and XP |