Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Microsoft > Security

January 13th, 2011, 11:32 GMT · By

Free Microsoft Security Tool Updated to Kill the Lethic Trojan

SHARE:

Adjust text size:

Security
Enlarge picture
Concomitantly with the latest security bulletin release, Microsoft has also updated a free security tool designed to tackle a specific list of malware.

The latest version of the Malicious Software Removal Tool is now equipped to detect and clean infections involving Win32/Lethic, a Trojan horse set up to connect to remote servers from compromised machines and distribute spam.

However, the software giant warned that spam distribution is only one of the ways in which Lethic can leverage an infected computer, and that attackers can potentially use it to perform additional unauthorized actions.

“Variants of Lethic install executable files with varied file names such as “shelldm.exe” or “xcllsx.exe”. The malware loads as a process when Windows starts,” revealed Patrick Nolan, MMPC.

“The trojan establishes a connection to remote servers using varied TCP ports, such as 1430, 8900, 8090 and so on. It communicates with servers with names such as “dqglobex.com”, “verywellhere.cn”, “iamnothere.cn” among others.”

The reason why Win32/Lethic was added to MSRT is related to high volume of spam sent by the Trojan, that the Redmond company detected.

Microsoft underlined that Forefront Online Protection for Exchange (FOPE) contributed to harvesting the statistics that ultimately flagged Lethic as the best candidate for introduction among the malicious code tackled by the Malicious Software Removal Tool.

“Win32/Lethic is not the biggest botnet in terms of IP addresses, however, it is known for sending many messages into a single envelope,” Nolan added.

A comparison between the spam distribution models of Win32/Rustock and Win32/Lethic reveals that the latter is capable of spamming multiple email addresses with a single message while for the first it’s a case of a 1:1 ration.

“You can do more to protect your Internet experience by running a full AV solution, such as Microsoft Security Essentials, for real-time protection,” Nolan advised.

Microsoft Windows Malicious Software Removal Tool is available for download here.

Microsoft Security Essentials 2.0 is available for download here.


2,990 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Microsoft Investigating Potential IE 0-Day Detected by Fuzzing Tool cross_fuzz
Free Microsoft Security Code Sanitization Tool Updated
Windows 8 Feature Wish List Item: App Blacklisting
Microsoft Released 106 Security Bulletins in 2010
Free Microsoft Security Tool Kills Microsoft Security Essentials Alert Rogue

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use