Trend Micro - Newest Malware Advisories http://www.trendmicro.com/vinfo/default.asp?sect=SA TREND MICRO provides free malware information updates HTML_IFRAME.PRhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=HTML_IFRAME.PR2008-05-13TROJ_MUTANT.ALhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_MUTANT.AL2008-05-13This Trojan is a .DLL component that is dropped and installed by other malwares in the affected system. It creates registry entries to enable its automatic execution at every system startup.

]]>HTML_IFRAME.OMhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=HTML_IFRAME.OM2008-05-12This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain iFrame tag. Once an unsuspecting user views an infected Web page, it attempts to connect to a known malicious Web site. However, the site is inaccessible as of this writing.

This malicious HTML script may be downloaded from remote sites by other malware.

]]>JS_PSYME.CJHhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=JS_PSYME.CJH2008-05-12JS_AGENT.AHJBhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=JS_AGENT.AHJB2008-05-12WORM_AUTORUN.ARIhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_AUTORUN.ARI2008-05-11This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

It drops copies of itself.

It creates registry entries to enable its automatic execution at every system startup. It modifies registry entries to enable its automatic execution at every system startup.

It drops copies of itself in all physical and removable drives. It drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed.

]]>TROJ_DRONDOG.Fhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_DRONDOG.F2008-05-09This Trojan may be downloaded from remote site(s) by the following malware:

It may be downloaded from certain remote site(s).

It connects to Web sites that contains a list of malware download sites. It then executes the downloaded files. As a result, routines of the downloaded files are exhibited on the affected system.

It deletes itself after execution.

]]>WORM_SILLY.HGhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SILLY.HG2008-05-09This worm may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites. It may also arrive via removable and physical drives.

It creates registry entries to enable its automatic execution at every system startup.

It drops copies of itself in all physical drives and in all removable drives.

It drops files.

]]>TROJ_WIMAD.AMhttp://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_WIMAD.AM2008-05-08