Chinese Internet Security Response Team (GMT +0800)

Virus.Win32.Gpcode.ai

[Post on : July 17, 2007 22:56 | Category : Virus | by : smallmo] Reship : Original

Q: What is Virus.Win32.Gpcode?
A: Virus.Win32.Gpcode is a kind of virus that encrypts files with the RSA algorithm.

Today, some vendors, such as Trend Micro, Kaspersky and Pandalabs, reported a variant of Virus.Win32.Gpcode. According to their reports, this variant uses a complex encryption algorithm to encrypt user files and archives, including Microsoft Office files (.DOC, .XLS, .PPT), PDF documents, archived files (.ZIP, .RAR) and so on. Upon execution, it drops the file "read_me.txt" in all folders, which contains the following text:
Hello, your files are encrypted with RSA-4096 algorithm (http://en.wikipedia.org/wiki/RSA).

You will need at least few years to decrypt these files without our software. All your private information for last 3 months were collected and sent to us.

To decrypt your files you need to buy our software. The price is $300.

To buy our software please contact us at: xxxxxxx@gmail.com and provide us your personal code -xxxxxxxxx. After successful purchase we will send your decrypting tool, and your private information will be deleted from our system.

If you will not contact us until 07/15/2007 your private information will be shared and you will lost all your data.

Glamorous team
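
A defender-side check for the indicator described above, as an added example that is not part of the original post: it walks a directory tree and lists the folders holding a "read_me.txt" whose text matches phrases from the quoted note. The function names, the 64 KB size limit, the two-phrase threshold and the sample tree are assumptions made for illustration.

```python
import os
import tempfile

NOTE_NAME = "read_me.txt"  # file name reported in the article
# Phrases taken from the note text quoted in the article (lower-cased)
MARKERS = (
    "your files are encrypted with rsa-4096",
    "to decrypt your files you need to buy our software",
    "glamorous team",
)
MAX_NOTE_BYTES = 64 * 1024  # assumption: a ransom note is small, skip larger files


def note_score(path):
    """Return how many marker phrases appear in the file at path."""
    try:
        if os.path.getsize(path) > MAX_NOTE_BYTES:
            return 0
        with open(path, "rb") as fh:
            # latin-1 never fails to decode; whitespace is collapsed before matching
            text = " ".join(fh.read().decode("latin-1").lower().split())
    except OSError:
        return 0
    return sum(marker in text for marker in MARKERS)


def find_ransom_notes(root, min_markers=2):
    """Walk root and return the sorted folders that hold a matching note."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        notes = [n for n in files if n.lower() == NOTE_NAME]
        if any(note_score(os.path.join(folder, n)) >= min_markers for n in notes):
            hits.append(folder)
    return sorted(hits)


def build_sample_tree(root):
    """Constructed sample data: one folder with the note, one benign read_me."""
    note = ("Hello, your files are encrypted with RSA-4096 algorithm.\n"
            "To decrypt your files you need to buy our software.\n"
            "Glamorous team\n")
    for sub, body in (("docs", note), ("project", "Build notes: run make.\n")):
        os.makedirs(os.path.join(root, sub))
        with open(os.path.join(root, sub, "Read_Me.txt"), "w") as fh:
            fh.write(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(find_ransom_notes(tmp))
```

Requiring two phrases keeps ordinary read_me.txt files, which many software packages ship, out of the results.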


Related links:

1. Trend Micro: TSPY_KOLLAH.F

2. Pandalabs: A new case of RansomWare !!!

3. Kaspersky: Kaspersky Lab detects new version of Gpcode

4. Symantec: Trojan.Gpcoder.E



Last modified by smallmo on July 18, 2007 18:24

MAD Says :
July 18, 2007 02:48
Please read: http://www.prevx.com/blog.asp?ID=31

Removal tool with decryption features by Prevx
http://www.prevxresearch.com/unransomme.exe