Sophos Anti-Virus IDE alert: Troj/Zlob-AIA

[Sophos Alert System <[EMAIL PROTECTED]>]

Name: Troj/Zlob-AIA
Aliases: Trojan-Downloader.Win32.Zlob.gsa
Type: Trojan
Date: 30 January 2008


Sophos has issued protection for Troj/Zlob-AIA.

At the time of writing, Sophos has received no reports from
users affected by this Trojan. However, we have issued this
advisory following enquiries to our support department from
customers.


Customers using EM Library, Enterprise Console, PureMessage,
Sophos email security appliance, or any of our Sophos small
business solutions will be automatically protected at their next
scheduled update.

Information about Troj/Zlob-AIA can be found at:
http://www.sophos.com/sl/va/security/analyses/trojzlobaia.html

The Troj/Zlob-AIA virus identity file (IDE) includes detection for:


Mal/Emogen-U
http://www.sophos.com/sl/va/security/analyses/malemogenu.html
Troj/IRCBot-AAF
http://www.sophos.com/sl/va/security/analyses/trojircbotaaf.html
Troj/Zlob-AHP
http://www.sophos.com/sl/va/security/analyses/trojzlobahp.html


Customers with 4.1x or lower versions of Sophos Anti-Virus, 

who are not running EM Library, can manually download the IDE

for Troj/Zlob-AIA from:



http://www.sophos.com/sl/va/downloads/ide/zlob-aia.ide

For users of Sophos Anti-Virus for Windows 2000/XP/2003, version
6, this identity file includes detection for the following
potentially unwanted applications (PUAs):

RegCure
http://www.sophos.com/sl/va/security/analyses/regcure.html

RegCure Installer
http://www.sophos.com/sl/va/security/analyses/regcureinstaller.html

PUA is a term used to describe an application that is not
inherently malicious, but is generally considered unsuitable for
the majority of business networks. Potentially unwanted
applications include adware, dialers, remote administration
tools and hacking tools.

Read about how to use IDE files at
http://www.sophos.com/support/knowledgebase/article/363.html





----
To unsubscribe, email: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]