|
 |
|
BROPIA.F
|
|
|
First Report:
|
2005-02-03 02:52
|
|
Last Update:
|
2005-03-04 23:31
|
|
|
Risk Rating:
|
Low Risk
|
|
|
Aliases:
|
Bropia.E
Bropia.F
IM-Worm.Win32.Exir.a
W32.Bropia.E
W32.Bropia.J
W32/Bropia-D
W32/Bropia.E.worm
W32/Bropia.F
W32/Bropia.worm
W32/Bropia.worm.g
Win32.Bropia.E
Win32.Rbot.BOM
Win32/Bropia.F.worm
WORM_BROPIA.F
|
|
|
Virus Alerts:
|
Secunia issued a MEDIUM RISK alert for this virus.
2005-02-03 06:25
|
|
|
Information From AntiVirus Vendors
|
|
|
|
|
Below you will find virus information from different antivirus vendors included in this Secunia Virus Profile. Information about the virus along with links to removal tools will be listed below when available.
The information provided is sorted by the date on which the information first became publicy available on the antivirus vendors' websites. The earliest available reports are displayed first. Please note timestamps are in GMT+1.
|
|
|
#1 - TREND MICRO
|
| |
|
|
WORM_BROPIA.F
|
Severity:
1/3
|
File Size:
-
|
| |
|
|
Reported:
2005-02-03 02:52
|
Last Update:
2005-02-17 23:42
|
| |
Description:
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2005-02-11 23:42
|
Severity was decreased from 2/3 to 1/3.
|
| |
|
|
2005-02-03 04:16
|
Severity was raised from 1/3 to 2/3.
|
|
|
|
|
|
#2 - TREND MICRO
|
| |
|
|
WORM_BROPIA.F
|
Severity:
1/3
|
File Size:
-
|
| |
|
|
Reported:
2005-02-03 04:02
|
Last Update:
2005-02-17 23:42
|
| |
Description:
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2005-02-11 23:42
|
Severity was decreased from 2/3 to 1/3.
|
| |
|
|
2005-02-03 04:16
|
Severity was raised from 1/3 to 2/3.
|
|
|
|
|
|
#3 - MCAFEE
|
| |
|
|
W32/Bropia.worm.g
|
Severity:
2/7
|
File Size:
188,928 bytes
|
| |
|
|
Reported:
2005-02-03 04:37
|
Last Update:
2005-02-03 18:02
|
| |
Description:
This is a worm that propagates through MSN messenger and drops a variant of W32/Sdbot.worm.gen.t worm.
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2005-02-03 18:02
|
Description was changed.
New:
"This is a worm that propagates through MSN
messenger and drops a variant of
W32/Sdbot.worm.gen.t worm."
Old:
"This is a worm that propagates through MSN
messenger and drops a variant of
W323/Sdbot.worm.gen.t worm."
|
| |
|
|
2005-02-03 12:47
|
Description was changed.
New:
"This is a worm that propagates through MSN
messenger and drops a variant of
W323/Sdbot.worm.gen.t worm."
Old:
"This is a worm that propagates through MSN
messenger and drops the
W323/Gaobot.worm.gen.l worm."
|
| |
|
|
2005-02-03 06:07
|
Description was changed.
New:
"This is a worm that propagates through MSN
messenger and drops the
W323/Gaobot.worm.gen.l worm."
Old:
"AVERT has received a sample of this threat
and is currently in the process of analyzing
it. Details will be posted when they are
available. Please check back shortly. Top of
Page"
|
|
|
|
|
|
#4 - COMPUTER ASSOCIATES
|
| |
|
|
Win32.Bropia.E
|
Severity:
-
|
File Size:
-
|
| |
|
|
Reported:
2005-02-03 04:42
|
Last Update:
2005-03-04 23:31
|
| |
Description:
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2005-03-01 23:32
|
Severity was decreased from 2/5 to N/A.
|
| |
|
|
2005-03-01 23:32
|
Description was changed.
New:
"N/A"
Old:
"Win32.Bropia.E is a worm that spreads via MSN
Messenger. It may also be able to spread
using Windows Messenger. It drops a variant
of the Rbot worm family, Win32.Rbot.BOM. When
run, Bropia.E copies itself to
%System%\msnus.exe. It also creates three
files in the root directory of the current
drive (usually c:\). The first file is a copy
of the worm itself, using one of the
following file names:"
|
| |
|
|
2005-02-08 23:42
|
Description was changed.
New:
"Win32.Bropia.E is a worm that spreads via MSN
Messenger. It may also be able to spread
using Windows Messenger. It drops a variant
of the Rbot worm family, Win32.Rbot.BOM. When
run, Bropia.E copies itself to
%System%\msnus.exe. It also creates three
files in the root directory of the current
drive (usually c:\). The first file is a copy
of the worm itself, using one of the
following file names:"
Old:
"Win32.Bropia.E is a worm that spreads via MSN
Messenger. It may also be able to spread
using Windows Messenger. It drops a variant
of the Rbot worm family, Win32.Rbot.BOM. When
run, Bropia.E creates two files in the root
directory of the current drive (usually c:\).
The first file is a copy of the worm itself,
using one of the following file names:"
|
| |
|
|
2005-02-03 07:52
|
Severity was raised from N/A to 2/5.
|
| |
|
|
2005-02-03 07:52
|
Description was changed.
New:
"Win32.Bropia.E is a worm that spreads via MSN
Messenger. It may also be able to spread
using Windows Messenger. It drops a variant
of the Rbot worm family, Win32.Rbot.BOM. When
run, Bropia.E creates two files in the root
directory of the current drive (usually c:\).
The first file is a copy of the worm itself,
using one of the following file names:"
Old:
"N/A"
|
|
|
|
|
|
#5 - SYMANTEC
|
| |
|
|
W32.Bropia.J
|
Severity:
2/5
|
File Size:
-
|
| |
|
|
Reported:
2005-02-03 05:50
|
Last Update:
2005-02-04 06:44
|
| |
Description:
W32.Bropia.J is a worm that propagates using MSN Messenger and drops a variant of W32.Spybot.Worm.
|
| |
|
Full Report From Vendor
Removal Tool/Instructions
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2005-02-03 14:50
|
Description was changed.
New:
"W32.Bropia.J is a worm that propagates using
MSN Messenger and drops a variant of
W32.Spybot.Worm. "
Old:
"W32.Bropia.J is a worm that propagates using
MSN Messenger and drops a variant of
W32.Spybot.Worm."
|
| |
|
|
2005-02-03 14:50
|
Updated information about removal tool/instructions.
|
|
|
|
|
|
#6 - F-SECURE
|
| |
|
|
Bropia.F
|
Severity:
-
|
File Size:
-
|
| |
|
|
Reported:
2005-02-03 10:45
|
Last Update:
2005-02-03 16:11
|
| |
Description:
Bropia.F is a minor variant of Bropia.A. Like the previous variants, it uses MSN messenger for spreading. It also drops a variant of Rbot on the infected system.
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2005-02-03 11:21
|
Description was changed.
New:
"Bropia.F is a minor variant of Bropia.A. Like
the previous variants, it uses MSN messenger
for spreading. It also drops a variant of
Rbot on the infected system."
Old:
"Bropia.F is a minor variant of Bropia.A. It
uses MSN messenger for spreading."
|
|
|
|
|
|
#7 - PANDA ANTIVIRUS
|
| |
|
|
Bropia.E
|
Severity:
2/4
|
File Size:
-
|
| |
|
|
Reported:
2005-02-03 13:18
|
Last Update:
2005-02-04 19:43
|
| |
Description:
It installs the worm Gaobot.CTX on the affected computer. It spreads via MSN Messenger.
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2005-02-04 19:43
|
Severity was decreased from 3/4 to 2/4.
|
| |
|
|
2005-02-03 23:03
|
Severity was raised from 2/4 to 3/4.
|
| |
|
|
2005-02-03 16:13
|
Description was changed.
New:
"It installs the worm Gaobot.CTX on the
affected computer. It spreads via MSN
Messenger."
Old:
"It installs the worm Gaobot.CTX on the
affected computer."
|
|
|
|
|
|
Please note: The information that this Secunia Virus Profile is based on comes from a third party unless stated otherwise.
The grouping process is done completely automatically, therefore minor inconsistencies may occur. For more information about Secunia Virus Information, please read: About Virus Information.
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
