Virus Malware and Threat News for 20080425
Spyware.SpyMail - Spyware.SpyMail at Norton Symantec
BehaviorSpyware.SpyMail is a spyware program that may steal sensitive information from the computer.
...
W32/Rastax.worm - W32/Rastax.worm at McAfee
The virus copies itself to the Windows directory:%WinDir%\system32\csoss.exe%WinDir%\syste32\setup\lsass.
exe%WinDir%\system32\drivers\lsass.exe%WinDir%\temp\lsass.exe(where %WinDir% is the default Windows directory,
for example C:\WINNT, C:\WINDOWS etc.)and creates registry run keys to load itself at
startup
HKEY_LOCAL_MACHINE\SO...
W32/Sdbot.worm!54D1EEB9 - W32/Sdbot.worm!54D1EEB9 at McAfee
This is a variant of W32/Sdbot.worm which bears strong resemblance to the many other members of this rapidly
growing family. It bears the following characteristics:propagates to machines vulnerable to the following
exploits: DCcomRPC http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx ASN.1 vulnerability
(MS04-007) ...
PE_SALITY.M - PE_SALITY.M at Trend Micro
This file infector may be downloaded from remote sites by other malware.It may be dropped by other malware.It
may be downloaded unknowingly by a user when visiting malicious Web sites.It infects by appending its code to
target host files.It infects specific files.It avoids folders with certain strings.It drops a file, which is
detect...
TROJ_TIBS.AYH - TROJ_TIBS.AYH at Trend Micro
...
TROJ_SHEZAN.C - TROJ_SHEZAN.C at Trend Micro
This Trojan may be downloaded from certain remote sites. It drops component file(s) detected by Trend Micro as
TROJ_KILLWIN.AM.As a result, malicious routines of the dropped file may also be exhibited on the affected
system.It modifies the system's HOSTS file to prevent users from accessing Web sites related to Bancomer.When
an affec...
TROJ_AGENT.ANAF - TROJ_AGENT.ANAF at Trend Micro
This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. It may
be downloaded unknowingly by a user when visiting malicious Web sites.It drops files/components. Upon
execution, it displays the following Graphical User Interface (GUI):It creates registry entries to enable its
automatic exec...
Troj/Zlob-AKM - Troj/Zlob-AKM at Sophos
Troj/Zlob-AKM is a Trojan for the Windows platform. When Troj/Zlob-AKM is
installed the following files are created: <Current Folder>\sbmdl.dll
<Current Folder>\sbsm.exe The following registry entry is created to run
Troj/Zlob-AKM ...
Troj/Zlob-AKN - Troj/Zlob-AKN at Sophos
Troj/Zlob-AKN is a Trojan for the Windows platform. Troj/Zlob-AKN includes
functionality to access the internet and communicate with a remote server via HTTP.
When Troj/Zlob-AKN is installed it creates the file <Current Folder>\scm.exe. The
followi...
Troj/Zlob-AKO - Troj/Zlob-AKO at Sophos
...
W32/Allaple-F - W32/Allaple-F at Sophos
W32/Allaple-F is a worm for the Windows platform. W32/Allaple-F spreads to
other network computers protected by weak passwords. When first run W32/Allaple-F moves
itself to the Windows system folder with a randomly generated filename and registers itself as a new file
system d...
Troj/Agent-GXC - Troj/Agent-GXC at Sophos
...
Troj/BackDr-V - Troj/BackDr-V at Sophos
...
Troj/Banker-ELJ - Troj/Banker-ELJ at Sophos
...
Troj/Hosts-D - Troj/Hosts-D at Sophos
Troj/Hosts-D installs a new HOSTS file in order to redirect the user from legitimate internet
banking sites to malicious domains.
...
Troj/MDrop-BRZ - Troj/MDrop-BRZ at Sophos
...
Troj/Shark-C - Troj/Shark-C at Sophos
...
0 writebacks [04/26/2008 04:41]
[]
permanent link
|
