Virus Malware and Threat News for 20080529
Backdoor:W32/SdBot.CKF - Backdoor:W32/SdBot.CKF at F-Secure
Backdoor:W32/SdBot.CKF is a backdoor. Backdoors are remote administration utilities that open infected
machines to external control via the Internet or a local network. Upon execution, SdBot.CKF will attempt to
connect to an IRC server and try to download additional malware to the infected machine.
...
Spyware.ExpressKeylog - Spyware.ExpressKeylog at Norton Symantec
Behavior: Spyware.ExpressKeylog is a spyware program that records keystrokes on the computer.
...
Generic.dx!1DAEE3B9 - Generic.dx!1DAEE3B9 at McAfee
File Property: Property Value
  File Name: astry.exe
  McAfee Detection: New Malware.dq
  Length: 2,342,912 bytes
  CRC32: 1DAEE3B9
  MD5: e13841f33f8a0bf9c50b61e154983bdd
  SHA1: E9C3067FA964F607A62DBDEC67754A74534660F1
Other Common Detection Aliases (Company Name: Detection Name)
  AhnLab: Win32/Xema.worm.154436
  Avast: Win32:VB-EYD [Wrm]
  AVG (GriSoft): Worm/VB.BWF
  Avira: TR/Crypt.CF...
PWS-OnlineGames.p!7D9FF6EC - PWS-OnlineGames.p!7D9FF6EC at McAfee
File Property: Property Value
  File Name: a8.exe
  McAfee Detection: PWS-OnlineGames.p
  Length: 24,948 bytes
  CRC32: 7D9FF6EC
  MD5: 9589afc9b707a616ddec82c21a0f3c77
  SHA1: 461793C34FC6B2D4AE7100D5021E497AF5B31525
Other Common Detection Aliases (Company Name: Detection Name)
  Avast: Win32:OnLineGames-CYO [Trj]
  AVG (GriSoft): PSW.OnlineGames.APUH
  Avira: TR/PSW.OnlineGames.ajnn
  B...
PWS-Mmorpg.gen!6623DDD5 - PWS-Mmorpg.gen!6623DDD5 at McAfee
File Property: Property Value
  File Name: a15.exe
  McAfee Detection: PWS-Mmorpg.gen
  Length: 18,445 bytes
  CRC32: 6623DDD5
  MD5: 3E9B6A7D4AA81CBA19DB98FE23E67DFF
  SHA1: 13898329D7BB3740815815971E7EF6171D46A994
Other Common Detection Aliases (Company Name: Detection Name)
  Avast: Win32:OnLineGames-DQS [Trj]
  AVG (GriSoft): psw.onlinegames.ardl
  Avira: TR/Dropper.Gen
  BitDefender: T...
PWS-Mmorpg.gen!118D1797 - PWS-Mmorpg.gen!118D1797 at McAfee
File Property: Property Value
  File Name: a10.exe
  McAfee Detection: PWS-Mmorpg.gen
  Length: 19,281 bytes
  CRC32: 118D1797
  MD5: D426FFF79F910D94F217BC75B469F44D
  SHA1: C86B390FE2F06ECA76CF659665A77BA3AB5B5ABB
Other Common Detection Aliases (Company Name: Detection Name)
  AVG (GriSoft): psw.onlinegames.aqyp
  Norman: suspicious_f.gen
  Sophos: Mal/EncPk-C
  Symantec: Infostealer.Gamp...
PWS-Banker!19C47855 - PWS-Banker!19C47855 at McAfee
File Property: Property Value
  File Name: rechnu~1.exe
  McAfee Detection: PWS-Banker
  Length: 982,016 bytes
  CRC32: 19C47855
  MD5: 5B82C2B7E89A40FB8CD9BF80CAC653B5
  SHA1: 623ECBF2DF8433BCFE3E0F37F9514A617B9E6F4D
Other Common Detection Aliases (Company Name: Detection Name)
  AhnLab: Win-Trojan/Banker.982016.E
  Avast: Win32:Banker-FGS [Trj]
  AVG (GriSoft): Delf.EWW
  Avira: TR/Spy.Ba...
Troj/Badsrc-C - Troj/Badsrc-C at Sophos
Troj/Badsrc-C is a web page that has been compromised to load a script from a malicious website.
...
Troj/BHO-FP - Troj/BHO-FP at Sophos
...
W32/Autorun-EL - W32/Autorun-EL at Sophos
When run, W32/Autorun-EL copies itself to <System>/sys.vbs, copies itself to the file <Root>/sys.vbs on all
available drives, and creates an autorun.inf file that autoruns sys.vbs.
W32/Autorun-EL will create or edit the following registry entries:
HKCU\S...
W32/Rbot-GWX - W32/Rbot-GWX at Sophos
W32/Rbot-GWX is a network worm with backdoor Trojan functionality for the Windows platform.
The worm copies itself to <System>\nvdsc.exe and creates the following registry entries:
HKCU\Software\Microsoft\OLE NvidiaDisplayService
<System>\nvds...
Mal/Behav-228 - Mal/Behav-228 at Sophos
Mal/Behav-228 is a malicious program for the Windows platform. Detection
for members of Mal/Behav-228 is behavior based. It is extremely important that customers report detections of
Mal/Behav-228 to Sophos and send a sample for analysis.
...
Mal/EncPk-BX - Mal/EncPk-BX at Sophos
...
Mal/ObfJS-M - Mal/ObfJS-M at Sophos
Mal/ObfJS-M is a script obfuscated in a manner typical of malware.
...
Troj/Agent-HAP - Troj/Agent-HAP at Sophos
Troj/Agent-HAP has the functionality to communicate with a remote server via the internet.
Troj/Agent-HAP may have associated rootkit SYS files which are also detected as Troj/Agent-HAP.
...
Troj/DwnLdr-HDX - Troj/DwnLdr-HDX at Sophos
Troj/DwnLdr-HDX is a Trojan for the Windows platform. Troj/DwnLdr-HDX
attempts to download files from the Internet into subfolders of C:\WINDOWS.
...
0 writebacks [05/30/2008 04:42]