Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Sitemap

PE_FUNLOVE.4099
BugsAlert Home > PE_FUNLOVE.4099
 
 

This memory-resident, entry-point obscuring virus infects all Win32 files in local drives and shared network drives, with the following extensions:

  • OCX
  • SCR
  • EXE

On NT-based systems (Windows NT, 2000, XP, and Server 2003), the virus patches the critical system files, NTLDR and NTOSKRNL.EXE, weakening system security. These patches are aimed at disabling the integrity checking for NTOSKRNL.EXE and disabling access rights checking for all files in local drives.

It works on Windows 95, 98, ME, NT, 2000, XP, and Server 2003.




Original Source: http://feeds.trendmicro.com/~r/MalwareTop10/~3/162395451/default5.asp

Learn more about PE_FUNLOVE.4099
 
Tags: funlove.4099

Related Items
      CVE-2007-6380 (e-Xoops)

      FMDeluxe (index.php) Cross-Site Scripting Vulnerability

      AuthentiX Multiple Cross-Site Scripting Vulnerabilities

      Kasseler CMS Multiple SQL Injection Vulnerabilities

      emacspeak Insecure Temporary Files

      FrSIRT - Gentoo Security Update Fixes Openfire Denial of Service Vulnerability

      Bugtraq: [ GLSA 200711-19 ] TikiWiki: Multiple vulnerabilities

 
© 2007-2008 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel