Virus Malware and Threat News for 20080329
Packed.Generic.61 - Packed.Generic.61 at Norton Symantec
Packed.Generic.61 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal themselves from antivirus software.
...
W32.Tvido.B!inf - W32.Tvido.B!inf at Norton Symantec
W32.Tvido.B!inf is a virus that infects executable files on the compromised computer.
...
WORM_KELVIR.EI - WORM_KELVIR.EI at Trend Micro
This worm arrives on a system as a dropped file of other malware. It may also be downloaded unknowingly by a
user when visiting malicious Web sites.It drops a copy of itself and several non-malicious component files.
It also modifies the affected system's registry to ensure its automatic execution at every system startup.This
worm ...
RenameLoi.A - RenameLoi.A at Panda
It carries out several modifications in the Windows Registry, which prevent the computer from working properly.
It can modify Windows protected files, which could cause problems with the operating system. It spreads
through local, removable and mapped drives.
...
Nakuru.A - Nakuru.A at Panda
It modifies the Internet Explorer window title, changing it to the message Infected by GoKill ...^^v.... This
way, when the user opens a website with Internet Explorer, this message will be displayed in the window title.
It does not spread automatically by its own means.
...
Troj/Agent-GUI - Troj/Agent-GUI at Sophos
Troj/Agent-GUI is a Trojan for the Windows platform. Troj/Agent-GUI
includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/Agent-GUI copies itself to <User>\Application Data\<random name>.exe.
...
Troj/Dloadr-BJW - Troj/Dloadr-BJW at Sophos
Troj/Dloadr-BJW is a Trojan for the Windows platform. Troj/Dloadr-BJW
creates the following registry entry to start itself:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\advap32...
Troj/Dloadr-BJX - Troj/Dloadr-BJX at Sophos
...
Troj/FakeAle-AW - Troj/FakeAle-AW at Sophos
Troj/FakeAle-AW is a Trojan for the Windows platform. When first run
Troj/FakeAle-AW copies itself to <System>\sbwltbxa.exe and creates the file <System>\winfrun32.bin.
The file winfrun32.bin is not malicious and may be deleted. The Trojan may also drop
corrupt fil...
Troj/Nymod-A - Troj/Nymod-A at Sophos
Troj/Nymod-A is a Trojan for the Windows platform. Troj/Nymod-A includes
functionality to access the internet and communicate with a remote server. When
Troj/Nymod-A is run, it drops the file: <System>\^^^^^.exe - proactively detected
as Mal/Basi...
Mal/Agent-G - Mal/Agent-G at Sophos
Mal/Agent-G is a Trojan for the Windows platform.
...
Troj/Bckdr-QMS - Troj/Bckdr-QMS at Sophos
Troj/Bckdr-QMS is a backdoor Trojan which allows a remote intruder to gain access and control over
the computer. When first run Troj/Bckdr-QMS copies itself to <System>\wcbi.exe
and creates the file <System>\iaxcfg32.dll, which is a data file and can be safely deleted.
...
Troj/Dloadr-BJV - Troj/Dloadr-BJV at Sophos
Troj/Dloadr-BJV creates the following registry entry to start itself:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run advap32 <Current>\photo.exe"
/r...
Troj/Flood-IM - Troj/Flood-IM at Sophos
Troj/Flood-IM is a set of EXEs and DLLs that comprise a backdoor Trojan designed to be used as a
Distributed Denial of Service tool. When first run Troj/Flood-IM creates the following
files: <Windows>\edih.dll - detected as Troj/Flood-I
<System>\winnxp.h...
Troj/Lodok-A - Troj/Lodok-A at Sophos
Troj/Lodok-A is a Trojan for the Windows platform. When Troj/Lodok-A is
installed it creates the file <Program Files>\Microsoft Office\system\dodolook_7494.exe.
The file dodolook_7494.exe is detected as Mal/Generic-A. The file dodolook_7494.
exe is ...
0 writebacks [03/29/2008 05:42]
[]
permanent link
|
