Virus Malware and Threat News for 20080328
Exploit:W32/JetDb.C - Exploit:W32/JetDb.C at F-Secure
This sample arrives together with a malicious MS Word document file as a package or attachment to email
messages. The specially crafted file exploits a known Remote Code Execution vulnerability on Microsoft Jet
Database Engine....
Trojan.Acdropper.C - Trojan.Acdropper.C at Norton Symantec
is a Trojan horse that drops Backdoor.Trojan and downloads potentially malicious code on to the compromised
computer....
W32.Imspread.Gen - W32.Imspread.Gen at Norton Symantec
W32.Imspread.Gen is a generic detection for the worm family that spreads through instant message programs. It
may download additional threats and open a back door.
...
PCClean - PCClean at Norton Symantec
BehaviorPCClean is a misleading application that may give exaggerated reports of threats on the computer.
...
PCAntiSpyware - PCAntiSpyware at Norton Symantec
BehaviorPCAntiSpyware is a misleading application that may give exaggerated reports of threats on the computer.
...
AntispyDeluxe - AntispyDeluxe at Norton Symantec
BehaviorAntispyDeluxe is a misleading application that may give exaggerated reports of threats on the computer.
...
MalwareWar - MalwareWar at Norton Symantec
BehaviorMalwareWar is a misleading application that may give exaggerated reports of threats on the computer.
...
W32/Kely.worm.gen - W32/Kely.worm.gen at McAfee
W32/Kely.worm.gen is a worm that can propagate via network shares and removable drives.Upon execution, it
copies itself to the following folders:C:\Documents and Settings\All Users\Start
Menu\Programs\Startup\MSconfig.exeWinDir%\system\lsass.exe%WinDir%\lsass.exe(where %WinDir% is the default
Windows directory, for example C:\WINNT, ...
W32/Milam.worm - W32/Milam.worm at McAfee
This worm spreads via network shares and could allow an attacker with unauthorized remote access to the
compromised machine and the attacker can perform the following actions on this infected machine:Retrieve
system information Upload/Download files via HTTP/FTPExecute programs remotely Start and stop services Perform
DDOS...
JS/Exploit-ArcServe - JS/Exploit-ArcServe at McAfee
JS/Exploit-ArcServe is a generic detection for CA BrightStor ARCserve Backup ListCtrl ActiveX Control
buffer overflow vulnerability.The buffer overflow occurs while supplying a long string as a parameter to the
AddColumn function. This vulnerability could be exploited by a malicious user to cause remote code execution.
...
TROJ_MDROPPER.SN - TROJ_MDROPPER.SN at Trend Micro
...
JS_PSYME.BOU - JS_PSYME.BOU at Trend Micro
This malicious JavaScript (JS) script may be downloaded from a certain remote site.It takes advantage of
software vulnerabilities, which allows a remote malicious user or malware to download files on the affected
machine.It connects to a Web site to download a malicious file, which Trend Micro detects as TROJ_VUNDO.BHH.
As a result,...
Selex.B - Selex.B at Panda
It passes itself off as a download manager in order to deceive users and sends spam messages to the email
addresses obtained from the affected computer. It does not spread automatically by its own means.
...
Troj/Agent-GUF - Troj/Agent-GUF at Sophos
...
Troj/Agent-GUG - Troj/Agent-GUG at Sophos
...
Troj/Bifrose-VP - Troj/Bifrose-VP at Sophos
...
W32/Starter-H - W32/Starter-H at Sophos
...
Troj/Agent-GUE - Troj/Agent-GUE at Sophos
...
Troj/Bckdr-QMR - Troj/Bckdr-QMR at Sophos
...
Troj/DwnLdr-HBZ - Troj/DwnLdr-HBZ at Sophos
...
Troj/Spywad-AX - Troj/Spywad-AX at Sophos
Troj/Spywad-AX is a Trojan for the Windows platform. Troj/Spywad-AX
displays fake messages claiming the computer is infected with spyware and then tries to sell the user
antispyware tools. When Troj/Spywad-AX is run, the following files are created:
<...
Troj/BahnDl-Fam - Troj/BahnDl-Fam at Sophos
...
Troj/Oscor-M - Troj/Oscor-M at Sophos
Troj/Oscor-M is a backdoor Trojan for the Windows platform which allows a remote intruder to gain
access and control over the computer. Troj/Oscor-M creates a hidden instance of
Internet Explorer to communicate with the remote server via http POST messages. When
Troj/Oscor-M...
0 writebacks [03/28/2008 05:44]
[]
permanent link
|
