mwblog.org



Virus Malware and Threat News for 20080830



PWS-OnlineGames.cb!9D826686

- PWS-OnlineGames.cb!9D826686 at McAfee

File Property: Property Value
- File Name: 002ad4ee2d4b9e5805eb7ccf1198457bfdcdfd3e.exe
- McAfee Detection: PWS-OnlineGames.cb
- Length: 19,527 bytes
- CRC32: 9D826686
- MD5: DB7A6F4E11935AD0706A6ABA1C6AB701
- SHA1: 002AD4EE2D4B9E5805EB7CCF1198457BFDCDFD3E

Other Common Detection Aliases (Company Name: Detection Name)
- Kaspersky: Trojan-GameThief.Win32.OnLineGames.saep
- No...

Generic Dropper!D422E9D4

- Generic Dropper!D422E9D4 at McAfee

File Property: Property Value
- File Name: 00224571687ed9817e16af8ee5243f0408770cab.exe
- McAfee Detection: Generic Dropper
- Length: 124,928 bytes
- CRC32: D422E9D4
- MD5: 0285ede70f4a4f43fa1b6629abe0738c
- SHA1: 00224571687ED9817E16AF8EE5243F0408770CAB

Other Common Detection Aliases (Company Name: Detection Name)
- Avast: Win32:Trojan-gen {Other}
- AVG (GriSoft): downloader.gene...

Downloader-ASH.gen.b!74C66CE1

- Downloader-ASH.gen.b!74C66CE1 at McAfee

File Property: Property Value
- File Name: 001d217e3920680cc45c8793be9999c3ad8193bf.exe
- McAfee Detection: Downloader-ASH.gen.b
- Length: 110,080 bytes
- CRC32: 74C66CE1
- MD5: 1A341C44058F4ED82566AAFA2C7F9A39
- SHA1: 001D217E3920680CC45C8793BE9999C3AD8193BF

Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): Downloader.FraudLoad.A
- Avira: HEUR/Crypted
- eSafe...

PWS-OnlineGames.cb!F92493A1

- PWS-OnlineGames.cb!F92493A1 at McAfee

File Property: Property Value
- File Name: 0015e5b60d5fdbb9396d4844fd01463c01a2e75e.exe
- McAfee Detection: PWS-OnlineGames.cb
- Length: 23,115 bytes
- CRC32: F92493A1
- MD5: 491A16F95C1D6ADB06FE37D60D3D89A0
- SHA1: 0015E5B60D5FDBB9396D4844FD01463C01A2E75E

Other Common Detection Aliases (Company Name: Detection Name)
- Avast: Win32:OnLineGames-DQP [Trj]
- Avira: TR/Crypt.XDR. ...

Downloader.gen.a!5CFC75AE

- Downloader.gen.a!5CFC75AE at McAfee

File Property: Property Value
- File Name: 00052a64e1770a0eb41e2cdd73b89b024b84fa41.exe
- McAfee Detection: Downloader.gen.a
- Length: 112,135 bytes
- CRC32: 5CFC75AE
- MD5: c19bdb8e83ba7e187feb7364d498808c
- SHA1: 00052A64E1770A0EB41E2CDD73B89B024B84FA41

Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): Generic10.BBSB
- Avira: DR/Delphi.Gen
- BitDefender...

Troj/Agent-HNR

- Troj/Agent-HNR at Sophos

...

Mal/Goldun-B

- Mal/Goldun-B at Sophos

...

Troj/FakeAV-CI

- Troj/FakeAV-CI at Sophos

...

Troj/FakeAV-CK

- Troj/FakeAV-CK at Sophos

...

Troj/Mdrop-BVI

- Troj/Mdrop-BVI at Sophos

...

Troj/Drop-AO

- Troj/Drop-AO at Sophos

...

Troj/FakeAV-CG

- Troj/FakeAV-CG at Sophos

...

Troj/FakeAV-CH

- Troj/FakeAV-CH at Sophos

...

Troj/Zlob-ANS

- Troj/Zlob-ANS at Sophos

...

Troj/Dloadr-BRM

- Troj/Dloadr-BRM at Sophos

...

[08/31/2008 04:43]



Virus Malware and Threat News for 20080829



Trojan-Downloader:W32/Exchanger

- Trojan-Downloader:W32/Exchanger at F-Secure

Trojan-Downloader:W32/Exchanger variants download additional malicious software onto the infected system.
...

Packed.Generic.184

- Packed.Generic.184 at Norton Symantec

Packed.Generic.184 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

Packed.Generic.183

- Packed.Generic.183 at Norton Symantec

Packed.Generic.183 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

Trojan.Purplebot

- Trojan.Purplebot at Norton Symantec

Trojan.Purplebot is a Trojan horse that downloads more files on to the compromised computer.
...

Downloader.Swif.D

- Downloader.Swif.D at Norton Symantec

Downloader.Swif.D is a Trojan horse that downloads files on to the compromised computer.
...

TotalSecure2009

- TotalSecure2009 at Norton Symantec

Behavior: TotalSecure2009 is a misleading application that may give exaggerated reports of threats on the
computer....

TROJ_EXCHANGE.AR

- TROJ_EXCHANGE.AR at Trend Micro

...

TROJ_AGENT.AMDW

- TROJ_AGENT.AMDW at Trend Micro

This Trojan may be dropped by other malware. It may arrive bundled with malware packages as a malware
component. It may be downloaded unknowingly by a user when visiting malicious Web sites. It drops copies of
itself. It registers itself as a system service to ensure its automatic execution at every system startup. It
does this by cre...

TROJ_AGENT.AXAS

- TROJ_AGENT.AXAS at Trend Micro

...

TROJ_DLOADE.CST

- TROJ_DLOADE.CST at Trend Micro

This Trojan may be dropped by other malware. It may arrive bundled with malware packages as a malware component.
It may be downloaded unknowingly by a user when visiting malicious Web sites. It drops copies of itself. It
registers itself as a system service to ensure its automatic execution at every system startup. It does this
by creat...

Mal/DownLdr-AC

- Mal/DownLdr-AC at Sophos

...

Mal/Envid-A

- Mal/Envid-A at Sophos

...

Troj/ExePage-A

- Troj/ExePage-A at Sophos

Troj/ExePage-A detects malicious web pages that will attempt to automatically download EXE files.
...

Troj/Iframe-AR

- Troj/Iframe-AR at Sophos

...

Troj/MalDoc-D

- Troj/MalDoc-D at Sophos

Troj/MalDoc-D detects exploited OLE2 documents which typically drop and execute other binary files.
...

Troj/PhpShell-N

- Troj/PhpShell-N at Sophos

...

Troj/RKOSX-A

- Troj/RKOSX-A at Sophos

...

Troj/Rootkit-DK

- Troj/Rootkit-DK at Sophos

...

[08/30/2008 04:44]



Virus Malware and Threat News for 20080828



Spyware.Mod

- Spyware.Mod at Norton Symantec

Behavior: Spyware.Mod is a spyware program that can be used to record information on the computer.
...

TheRegistrySentinel

- TheRegistrySentinel at Norton Symantec

Behavior: TheRegistrySentinel is a misleading application that may give exaggerated reports of threats on the
computer....

Downloader-BJY

- Downloader-BJY at McAfee

The Downloader-BJY trojan has a .dll file (often called winssrv2.dll) monitoring the following processes:
msmsgs.exe, opera.exe, msnmsgr.exe, maxthon.exe, iexplore.exe, msimn.exe, outlook.exe, and injects another
.dll file (often called ieplayer2.dll) into these processes. ieplayer2.dll connects with the following remote
server: asp.privacyus....

Troj/GameHo-Gen

- Troj/GameHo-Gen at Sophos

...

Troj/GameHook-A

- Troj/GameHook-A at Sophos

...

Troj/Agent-HNK

- Troj/Agent-HNK at Sophos

...

Troj/Agent-HNL

- Troj/Agent-HNL at Sophos

...

Troj/Proxy-IP

- Troj/Proxy-IP at Sophos

Troj/Proxy-IP is a Trojan for the Windows platform. When first run
Troj/Proxy-IP copies itself to <Windows>\services.exe. The following registry
entry is created to run Troj/Proxy-IP on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ...

Troj/Agent-HNM

- Troj/Agent-HNM at Sophos

...

Troj/Bckdr-QPF

- Troj/Bckdr-QPF at Sophos

Troj/Bckdr-QPF is a Trojan for the Windows platform. When Troj/Bckdr-QPF is
installed the following files are created: <User>\Application Data\addon.dat
<Temp>\ganastes.exe <Program Files>\SysKeyQPFdll\SysUpdate.exe
<Progr...

Troj/FakeAle-GJ

- Troj/FakeAle-GJ at Sophos

...

Troj/Pushdo-S

- Troj/Pushdo-S at Sophos

...

[08/29/2008 04:45]



Virus Malware and Threat News for 20080827



Worm:W32/Autorun.BHX

- Worm:W32/Autorun.BHX at F-Secure

Worm:W32/Autorun.BHX spreads by copying itself to removable drives and attempts to steal username and password
information for several different online games.
...

AndromedaAV

- AndromedaAV at Norton Symantec

Behavior: AndromedaAV is a misleading application that may give exaggerated reports of threats on the computer.
...

Spammer.AJF

- Spammer.AJF at Panda

It is designed to send a spam message in Italian. It does not spread automatically by its own means.
...

Troj/Agent-HNA

- Troj/Agent-HNA at Sophos

...

Troj/Agent-HNB

- Troj/Agent-HNB at Sophos

...

Troj/Agent-HND

- Troj/Agent-HND at Sophos

...

Troj/Agent-HNG

- Troj/Agent-HNG at Sophos

...

Troj/DwnLdr-HHE

- Troj/DwnLdr-HHE at Sophos

...

Troj/DwnLdr-HHF

- Troj/DwnLdr-HHF at Sophos

Troj/DwnLdr-HHF is a Trojan for the Windows platform. When run
Troj/DwnLdr-HHF copies itself to: <System>\<random characters>.exe
and creates the files: <System>\<random characters>.scr - detected as
Troj/FakeAle-FK <...

Troj/FakeAle-GH

- Troj/FakeAle-GH at Sophos

Troj/FakeAle-GH is a Trojan for the Windows platform. Troj/FakeAle-GH
includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/FakeAle-GH copies itself to <System>\lphcjgvj0enf1.exe and creates the
following files: ...

Troj/FakeAV-CF

- Troj/FakeAV-CF at Sophos

...

Troj/Phalanx2-A

- Troj/Phalanx2-A at Sophos

Troj/Phalanx2-A is a rootkit for the Linux platform.
...

Troj/Zapchas-EF

- Troj/Zapchas-EF at Sophos

...

[08/28/2008 04:46]



Virus Malware and Threat News for 20080826



Trojan:W32/Agent.FVO

- Trojan:W32/Agent.FVO at F-Secure

Trojans are malicious programs that pretend to be benign. Trojans do not replicate themselves.
...

SpywarePreventer

- SpywarePreventer at Norton Symantec

Behavior: SpywarePreventer is a misleading application that may give exaggerated reports of threats on the
computer....

Trojan.Tarodrop.G

- Trojan.Tarodrop.G at Norton Symantec

Trojan.Tarodrop.G is a Trojan horse that attempts to exploit the JustSystems Ichitaro Document Handling
Unspecified Code Execution Vulnerability (BID 30828) in the Justsystem Ichitaro Office Suite in order to drop
more malware on to the compromised computer.
...

Exploit-TaroDrop.e

- Exploit-TaroDrop.e at McAfee

Upon launching the document, it exploits a 0-day vulnerability in Ichitaro and executes an embedded executable.
The following file is installed when the document is opened:
%Windr%\winnet.dll
The file is detected as
BackDoor-DRZ trojan....

BackDoor-DRZ

- BackDoor-DRZ at McAfee

Several versions exist. This is a general description. Newer versions require the latest DATs for
detection and cleaning. Upon execution, the trojan drops itself to the following file.
%Windr%\winnet.dll
The trojan modifies the following registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlo...

Spy-Agent.bw.gen.f

- Spy-Agent.bw.gen.f at McAfee

When executed, this trojan drops the following files:
%System%\ntos.exe [Copy of Trojan]
%System%\wsnpoem\audio.dll [Data File]
%System%\wsnpoem\video.dll [Data File]
Note: %System% is a variable that refers to the System folder. In a Windows XP machine, this should by default
refer to the “C:\Windows\System32” folder. The trojan
also modif...

Exchanger.AH

- Exchanger.AH at Panda

It downloads the adware program detected as RogueAntimalware2008 to the affected computer, which is a
fake antivirus which warns users of nonexistent threats on the computer. It reaches the computer in an email
message about Paris Hilton.
...

KeyLogger.EA

- KeyLogger.EA at Panda

It logs the keystrokes and the activity of the mouse in order to steal all types of information about the user,
such as passwords, banking data and email addresses, among others. It does not spread automatically by
its own means....

OscarBot.UG

- OscarBot.UG at Panda

It receives remote instructions such as launching DDoS type denial of service attacks. It spreads
via the AOL instant messaging program AIM and through removable drives.
...

Troj/BDoor-ANJ

- Troj/BDoor-ANJ at Sophos

...

Troj/Dloadr-BRE

- Troj/Dloadr-BRE at Sophos

...

Troj/Mdrop-BVF

- Troj/Mdrop-BVF at Sophos

Troj/Mdrop-BVF drops the file <Windows>\System\<Random Name>.dll which is detected as
Mal/Delf-M.
...

Mal/EncPk-ER

- Mal/EncPk-ER at Sophos

...

Troj/BHO-GR

- Troj/BHO-GR at Sophos

...

Troj/Dloadr-BRC

- Troj/Dloadr-BRC at Sophos

...

Troj/Dloadr-BRD

- Troj/Dloadr-BRD at Sophos

...

Troj/Linea-C

- Troj/Linea-C at Sophos

...

Troj/Zlob-ANM

- Troj/Zlob-ANM at Sophos

...

[08/27/2008 04:44]



Virus Malware and Threat News for 20080825



Troj/Dloadr-BQY

- Troj/Dloadr-BQY at Sophos

...

Troj/Small-EMB

- Troj/Small-EMB at Sophos

Troj/Small-EMB is a Trojan for the Windows platform. When first run
Troj/Small-EMB copies itself to a user folder under: <Root>\RECYCLER\
and creates the following registry entry to run itself on startup:
HKLM\SOFTWARE\Micros...

Troj/Bdoor-ANI

- Troj/Bdoor-ANI at Sophos

...

Troj/Dloadr-BQX

- Troj/Dloadr-BQX at Sophos

...

Troj/FakeAle-GE

- Troj/FakeAle-GE at Sophos

...

Troj/Gamania-BV

- Troj/Gamania-BV at Sophos

Troj/Gamania-BV is a Trojan for the Windows platform. When first run
Troj/Gamania-BV copies itself to <System>\kavo.exe and creates the following files:
<System>\drivers\klif.sys <System>\kavo0.dll Both of these
files are det...

Troj/Gamania-BW

- Troj/Gamania-BW at Sophos

Troj/Gamania-BW is a Trojan for the Windows platform. When first run
Troj/Gamania-BW copies itself to <System>\ckvo.exe and creates the following files:
<System>\ckvo0.dll <System>\drivers\klif.sys Both of these
files are det...

Troj/Merein-Gen

- Troj/Merein-Gen at Sophos

Troj/Merein-Gen is a Trojan for the Windows platform.
...

Troj/Resex-B

- Troj/Resex-B at Sophos

...

[08/26/2008 04:43]



Virus Malware and Threat News for 20080824



Trojan.Giframe

- Trojan.Giframe at Norton Symantec

Trojan.Giframe is a generic detection for specially crafted GIF images that may contain HTML tags that
redirect users to malicious Web sites.
...

Troj/Agent-HMN

- Troj/Agent-HMN at Sophos

...

Troj/Agent-HMO

- Troj/Agent-HMO at Sophos

...

Troj/Lineag-FD

- Troj/Lineag-FD at Sophos

...

Troj/Linea-B

- Troj/Linea-B at Sophos

...

Troj/Lineag-FC

- Troj/Lineag-FC at Sophos

Troj/Lineag-FC is a Trojan for the Windows platform. When Troj/Lineag-FC is
installed the following files are created: <Temp>\RarSFX0\zxc.sfx.exe
<Temp>\RarSFX0\zxc\01[3].jpg <Temp>\RarSFX0\zxc\03[1].jpg
<Te...

Troj/BanHost-W

- Troj/BanHost-W at Sophos

Troj/BanHost-W is a Trojan for the Windows platform. When run
Troj/BanHost-W modifies the HOSTS file.
...

Troj/DwnLdr-HGZ

- Troj/DwnLdr-HGZ at Sophos

Troj/DwnLdr-HGZ is a downloader Trojan for the Windows platform. When run
Troj/DwnLdr-HGZ copies itself to <Windows>\<random characters>.exe.
...

VBS/AutoRun-IB

- VBS/AutoRun-IB at Sophos

VBS/AutoRun-IB is a VB script worm for the Windows platform. When run
VBS/AutoRun-IB copies itself to <Windows>\SysRes.vbs and sets the following registry entry to run itself
on startup: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run System
Restore ...

[08/25/2008 04:43]



Virus Malware and Threat News for 20080823



Troj/Agent-HML

- Troj/Agent-HML at Sophos

...

Troj/Rootkit-DI

- Troj/Rootkit-DI at Sophos

...

Troj/Vundrop-A

- Troj/Vundrop-A at Sophos

...

Troj/Wimad-J

- Troj/Wimad-J at Sophos

...

Troj/Agent-HMM

- Troj/Agent-HMM at Sophos

...

Troj/Dloadr-BQS

- Troj/Dloadr-BQS at Sophos

...

Troj/Dloadr-BQT

- Troj/Dloadr-BQT at Sophos

...

Troj/Dloadr-BQV

- Troj/Dloadr-BQV at Sophos

...

Troj/FakeAV-CB

- Troj/FakeAV-CB at Sophos

...

W32/Airworm-C

- W32/Airworm-C at Sophos

W32/Airworm-C is a worm for the Windows platform. W32/Airworm-C uses a
folder-like icon in the hope that users with file extensions hidden in the folder options will accidentally
execute the malware when trying to open what looks like a folder. W32/Airworm-C
includes functionali...

[08/24/2008 04:43]



Virus Malware and Threat News for 20080820



FakeAlert-AO.gen

- FakeAlert-AO.gen at McAfee

When executed, this trojan creates the following folder:
C:\Program Files\IEAntiVirus
It then drops files into
this folder. The names of the files dropped in this folder differ from one version of the malware to another.
This trojan will also attempt to create the following registry entry to ensure its execution at system startup:
Hkey_C...

IEAntivirus.gen

- IEAntivirus.gen at McAfee

McAfee(R) Avert™ recognizes that this program may have legitimate uses in contexts where an authorized
administrator has knowingly installed this application. If you agreed to a license agreement for this, or
another bundled application, you may have legal obligations with regard to removing this software, or using
the host applicati...

Puper.gen.f

- Puper.gen.f at McAfee

Puper.gen.f is part of a Puper.gen threat that attempts to monitor its own processes to ensure that it respawns
if it is terminated from memory. See http://vil.nai.com/vil/content/v_133666.htm for further details on Puper.
...

Troj/Dloadr-BQP

- Troj/Dloadr-BQP at Sophos

...

Troj/Banker-EMX

- Troj/Banker-EMX at Sophos

Troj/Banker-EMX is a Trojan for the Windows platform. When Troj/Banker-EMX
is installed the following files are created: <Temp>\123.info (File is not
malicious and may be deleted) <Temp>\shell32.dll (detected as
Troj/Banker-EMX)...

Troj/Bckdr-QPC

- Troj/Bckdr-QPC at Sophos

When first run Troj/Bckdr-QPC copies itself to: <Startup>\userinit.exe
<User>\svchost.exe <System>\drivers\services.exe
and creates the following files: <User>\explorer.dll
<User>\ms_tcp.dll...

Troj/Drop-AM

- Troj/Drop-AM at Sophos

When first executed Troj/Drop-AM drops the files:
- <Application Data>\Microsoft\Network\Downloader\qmgr0.dat - data, can be safely deleted
- <Application Data>\Microsoft\Network\Downloader\qmgr1.dat - data, can be safely deleted
- <Temp>\Loader.<random num...

Troj/FakeAle-FX

- Troj/FakeAle-FX at Sophos

...

Troj/Resex-Fam

- Troj/Resex-Fam at Sophos

Troj/Resex-Fam is a family of Trojan droppers for the Windows platform
...

JS/AutoRun-HV

- JS/AutoRun-HV at Sophos

...

Mal/Budcr-A

- Mal/Budcr-A at Sophos

Mal/Budcr-A is a malicious JavaScript within a web page that attempts to redirect the user to a
remote malicious site.
...

Troj/FakeAle-FV

- Troj/FakeAle-FV at Sophos

Troj/FakeAle-FV is a Trojan for the Windows platform. When Troj/FakeAle-FV
is installed the following files are created: <Current Folder>\delself.bat
<System>\braviax.exe <System>\dllcache\beep.sys
<System>\dllcache\figa...

[08/23/2008 06:45]



Virus Malware and Threat News for 20080819



W32.Rispif.A

- W32.Rispif.A at Norton Symantec

W32.Rispif.A is a worm that spreads by copying itself to removable and fixed drives from C through Z.
...

Bloodhound.Exploit.201

- Bloodhound.Exploit.201 at Norton Symantec

Bloodhound.Exploit.201 is a heuristic detection for files attempting to exploit the Microsoft PowerPoint List
Value Parsing Remote Code Execution Vulnerability (BID 30579).
...

Bloodhound.Exploit.200

- Bloodhound.Exploit.200 at Norton Symantec

Bloodhound.Exploit.200 is a heuristic detection for files attempting to exploit the Microsoft PowerPoint
Picture Index Remote Code Execution Vulnerability (BID 30552).
...

Bloodhound.Exploit.198

- Bloodhound.Exploit.198 at Norton Symantec

Bloodhound.Exploit.198 is a heuristic detection for the files that exploit the Microsoft Windows Event System
User Subscription Request Remote Code Execution Vulnerability (BID 30584).
...

Generic Downloader.z!1516DDBD

- Generic Downloader.z!1516DDBD at McAfee

Upon execution, the trojan drops the following file: %WinDir%\system32\__c00[5 random mixed letters or
digits].dat (where %WinDir% is the default Windows directory, for example C:\WINNT, C:\WINDOWS etc.) It
adds the following registry keys (assume that the file name of the dropped file is __c00700D4.dat):

HKEY_LOCAL_MACHINE\SOF...

TROJ_DLOADR.JT

- TROJ_DLOADR.JT at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious
Web sites. It drops files/components. It creates registry entries to enable its automatic execution at every
system startup. It accesses Web sites to download file(s). As a result, malicious routines of the downloaded
files ar...

WORM_AUTORUN.DAW

- WORM_AUTORUN.DAW at Trend Micro

This worm may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious
Web sites. It drops copies of itself in all physical drives. It drops copies of itself in all removable drives.
It drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed. The said
file is d...

BKDR_RBOT.BJZ

- BKDR_RBOT.BJZ at Trend Micro

This backdoor program may be dropped by other malware. It may arrive as a .DLL file that exports functions
used by other malware. It modifies the system registry as part of its installation routine. It connects to
certain Web sites....

TROJ_SMALL.HBD

- TROJ_SMALL.HBD at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting
malicious Web sites. It drops files, some of which are detected by Trend Micro as:
- BKDR_SMALLDOO.FB
- EXPL_INJSCRIPT
- TROJ_AGENT.AJWX
- TROJ_GENERIC.A
- TROJ_ZEROML.BJD

It then executes these dropped malicious files.
As a result, malicious routin...

WORM_KOOBFACE.E

- WORM_KOOBFACE.E at Trend Micro

This worm may be downloaded from the Internet. Upon execution, it drops a copy of itself. It displays a
message box to trick users into thinking that it did not execute properly. It accesses the Google Web site to
check for an Internet connection. It creates a registry entry to enable its automatic execution at every system
startup. I...

WORM_KOOBFACE.D

- WORM_KOOBFACE.D at Trend Micro

This worm drops copies of itself. It drops files/components. It displays a message box upon execution. It also
accesses a certain Web site to check for an Internet connection. It connects to a certain Web site to send
and receive information. It checks if the user has visited the social networking site, Facebook and adds a link
to th...

WORM_KOOBFACE.F

- WORM_KOOBFACE.F at Trend Micro

This worm may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious
Web sites. Upon execution, it drops a copy of itself. It displays a message box to trick users into thinking
that it did not execute properly. It accesses the Google Web site to check for an Internet connection. It
creates a re...

Troj/Agent-HLZ

- Troj/Agent-HLZ at Sophos

...

Troj/Bckdr-QPB

- Troj/Bckdr-QPB at Sophos

When Troj/Bckdr-QPB is installed the following files are created:
<Temp>\1.4 XR6.exe<random string of numbers> - detected as Troj/Bckdr-QPB
<Temp>\tmp.exe - data file, can be safely deleted <System>\aplib.dll - clean file, can
be safely deleted...

Troj/Buzus-L

- Troj/Buzus-L at Sophos

Troj/Buzus-L is a Trojan for the Windows platform. Troj/Buzus-L runs
continuously in the background, providing a backdoor server which allows a remote intruder to gain access and
control over the computer via IRC channels. When first run Troj/Buzus-L copies itself
to: ...

Troj/Dloadr-BQM

- Troj/Dloadr-BQM at Sophos

...

Troj/FakeAle-FR

- Troj/FakeAle-FR at Sophos

...

Troj/FakeAle-FS

- Troj/FakeAle-FS at Sophos

...

Troj/FakeAle-FT

- Troj/FakeAle-FT at Sophos

...

Troj/Zbot-AI

- Troj/Zbot-AI at Sophos

...

W32/Autorun-HQ

- W32/Autorun-HQ at Sophos

W32/Autorun-HQ is a Trojan for the Windows platform. W32/Autorun-HQ spreads
to other network computers. W32/Autorun-HQ includes functionality to access the
internet and communicate with a remote server via HTTP. When first run W32/Autorun-HQ
copies itsel...

Mal/PicEx-A

- Mal/PicEx-A at Sophos

...

[08/23/2008 06:45]



Virus Malware and Threat News for 20080818



MaxAntispy

- MaxAntispy at Norton Symantec

Behavior: MaxAntispy is a misleading application that may give exaggerated reports of threats on the computer.
...

Oscarbot.UG

- Oscarbot.UG at Panda

This worm, with backdoor characteristics, spreads through instant messaging programs. It opens a port to
communicate with a server located probably in Russia and sends data concerning the infected computer to this
server. This worm is also used to make Distributed Denial Of Service Attacks (DDOS).
...

Troj/Banloa-FT

- Troj/Banloa-FT at Sophos

...

Troj/BHO-GO

- Troj/BHO-GO at Sophos

...

Troj/Naprat-A

- Troj/Naprat-A at Sophos

...

Troj/PDFEx-O

- Troj/PDFEx-O at Sophos

...

Troj/PWS-ASR

- Troj/PWS-ASR at Sophos

Troj/PWS-ASR is an information stealing Trojan for the Windows platform.
When run Troj/PWS-ASR copies itself to <Windows>\java\<random characters>.exe and creates the file
<Windows>\java\<random characters>.dll (also detected as Troj/PWS-ASR) The
follow...

Troj/Zlob-AND

- Troj/Zlob-AND at Sophos

...

Troj/FakeVir-EU

- Troj/FakeVir-EU at Sophos

...

Troj/FakeVir-EV

- Troj/FakeVir-EV at Sophos

...

Troj/Keylog-KO

- Troj/Keylog-KO at Sophos

Troj/Keylog-KO is a Trojan for the Windows platform. Troj/Keylog-KO may
install a new version of the file <System>\msxmlre.exe.
...

Troj/Small-ELY

- Troj/Small-ELY at Sophos

Troj/Small-ELY is a proxy Trojan for the Windows platform. When run
Troj/Small-ELY copies itself to <Windows>\services.exe and sets the following registry entries:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess Start 4
HK...

Trojan.Bankpatch.C!inf

- Trojan.Bankpatch.C!inf at Norton Symantec

Trojan.Bankpatch.C!inf is a detection for files infected with Trojan.Bankpatch.C.
...

Trojan.Bankpatch.C

- Trojan.Bankpatch.C at Norton Symantec

Trojan.Bankpatch.C is a Trojan horse that modifies system DLL files and attempts to steal information from the
compromised computer.
...

TraceSweeper

- TraceSweeper at Norton Symantec

Behavior: TraceSweeper is a potentially unwanted application that may give exaggerated reports of privacy
violations on the computer.
...

Troj/Psyme-JO

- Troj/Psyme-JO at Sophos

Troj/Psyme-JO is a Trojan that attempts to download and execute a file from a remote location.
This file is currently detected as Mal/EncPk-EQ.
...

Troj/Clicker-EX

- Troj/Clicker-EX at Sophos

...

Troj/Qhost-X

- Troj/Qhost-X at Sophos

...

Troj/Rootkit-DH

- Troj/Rootkit-DH at Sophos

Troj/Rootkit-DH is a Trojan for the Windows platform. When first run
Troj/Rootkit-DH copies itself to <System>\cmrs.exe. Troj/Rootkit-DH overwrites
the file <system>/drivers/beep.sys with a modified version, also detected as Troj/Rootkit-DH.
...

Troj/Wimad-G

- Troj/Wimad-G at Sophos

...

W32/Agobot-AJC

- W32/Agobot-AJC at Sophos

W32/Agobot-AJC runs continuously in the background, providing a backdoor server which allows a
remote intruder to gain access and control over the computer via IRC channels.
W32/Agobot-AJC spreads
- to computers vulnerable to common exploits, including: LSASS
(MS04-011) &...

Mal/FakeVir-E

- Mal/FakeVir-E at Sophos

Mal/FakeVir-E is a BHO which typically masquerades as a key generator for legitimate Anti-Virus software.
...

Troj/Agent-HLT

- Troj/Agent-HLT at Sophos

Troj/Agent-HLT is a Trojan for the Windows platform.
Troj/Agent-HLT includes functionality to send notification messages to remote locations.
...

Troj/Banker-EMY

- Troj/Banker-EMY at Sophos

Troj/Banker-EMY is a Trojan for the Windows platform. When
Troj/Banker-EMY is installed the following files are created: <Program
Files>\Internet Explorer\Help\WebEmpresas\nueva_imagen\favicon.ico <Program
Files>\Internet Explorer\Help\WebEmp...

[08/23/2008 06:45]



Virus Malware and Threat News for 20080817



FakeAlert-AB.gen.b

- FakeAlert-AB.gen.b at McAfee

This is a generic detection for FakeAlert-AB trojan. For more information, please refer to
http://vil.nai.com/vil/content/v_143903.htm.
...

FakeAlert-AB.gen.a

- FakeAlert-AB.gen.a at McAfee

This is a generic detection for FakeAlert-AB trojan. For more information, please refer to
http://vil.nai.com/vil/content/v_143903.htm.
...

TROJ_FRAUDLOA.WN

- TROJ_FRAUDLOA.WN at Trend Micro

This Trojan may be downloaded from a certain remote site. It drops a file upon execution. It accesses a Web
site to download a malicious file. It then executes the downloaded files. As a result, malicious routines of
the downloaded files are exhibited on the affected system.
...

Troj/Agent-HLL

- Troj/Agent-HLL at Sophos

...

Troj/Agent-HLM

- Troj/Agent-HLM at Sophos

...

Troj/Agent-HLN

- Troj/Agent-HLN at Sophos

...

Troj/Backdr-Z

- Troj/Backdr-Z at Sophos

...

Troj/Dloadr-BQI

- Troj/Dloadr-BQI at Sophos

...

Troj/Protux-H

- Troj/Protux-H at Sophos

...

Troj/Rootkit-DF

- Troj/Rootkit-DF at Sophos

...

Troj/Rootkit-DG

- Troj/Rootkit-DG at Sophos

...

Troj/Bdoor-ANE

- Troj/Bdoor-ANE at Sophos

Troj/Bdoor-ANE is a Trojan for the Windows platform. When Troj/Bdoor-ANE is
installed the following files are created: <System>\csrss.exe
<System>\mswinsck.ocx The file csrss.exe is detected as a component of
Troj/Bdoor-ANE. The fi...

Troj/Dloadr-BQE

- Troj/Dloadr-BQE at Sophos

...

[08/23/2008 06:45]



Virus Malware and Threat News for 20080816



Exploit-IFrame.gen.a

- Exploit-IFrame.gen.a at McAfee

Exploit-IFrame is a generic detection for malicious IFrames embedded on various legitimate websites. The
malicious website rendered within the IFrame attempts to exploit various vulnerabilities. Some of which may
include: Microsoft Data Access Components (MDAC) Code Execution Vulnerability (JS/Downloader-AUE) Real Player
Buffer overf...

TROJ_FAKEALE.AG

- TROJ_FAKEALE.AG at Trend Micro

This Trojan may be downloaded from a remote site. It also arrives from spam email with a link redirecting to a
copy of itself. This Trojan drops a copy of itself. It also drops several files, some of which are detected as
JOKE_BLUESCREEN. This Trojan creates a registry entry to enable its automatic execution at every system
startup. I...

TROJ_FAKEAV.DI

- TROJ_FAKEAV.DI at Trend Micro

This Trojan may be downloaded from a certain remote site. It drops a file upon execution. It accesses a Web
site to download a malicious file. It then executes the downloaded files. As a result, malicious routines of
the downloaded files are exhibited on the affected system.
...

TROJ_FAKEAV.CX

- TROJ_FAKEAV.CX at Trend Micro

This Trojan may be downloaded from remote sites by TROJ_FAKEAV.DI. It may be downloaded from a remote site. It
installs itself as a fake antivirus application named ANTIVIRUS 2009. It shows fake alert pop-ups stating that
the affected system is infected with several malware. The following images are some of the fake pop-up alerts
this...

Troj/Pushdo-Q

- Troj/Pushdo-Q at Sophos

...

Mal/Behav-294

- Mal/Behav-294 at Sophos

...

Mal/Behav-295

- Mal/Behav-295 at Sophos

Mal/Behav-295 is a program which exhibits characteristics unique to malware.
...

Troj/BHO-GM

- Troj/BHO-GM at Sophos

...

Troj/BHO-GN

- Troj/BHO-GN at Sophos

...

Troj/FakeAV-BO

- Troj/FakeAV-BO at Sophos

...

Troj/Inject-CO

- Troj/Inject-CO at Sophos

Troj/Inject-CO is a Trojan component that attempts to inject code into a running instance of
explorer.exe.
...

Troj/PDFex-L

- Troj/PDFex-L at Sophos

...

Troj/Agent-HLJ

- Troj/Agent-HLJ at Sophos

...

[08/23/2008 06:44]



Virus Malware and Threat News for 20080822



[08/23/2008 06:39]



Virus Malware and Threat News for 200808215



[08/23/2008 06:34]



Virus Malware and Threat News for 200808217



[08/23/2008 06:34]



Virus Malware and Threat News for 200808219



[08/23/2008 06:34]



Virus Malware and Threat News for 20080821



TROJ_SMALL.KOE

- TROJ_SMALL.KOE at Trend Micro

This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be
downloaded unknowingly by a user when visiting malicious Web sites. It creates folders. It drops
files/components. It creates registry entries to enable its automatic execution at every system startup. It
adds an Uninstall opt...

TROJ_AGENT.AIUP

- TROJ_AGENT.AIUP at Trend Micro

This Trojan may be downloaded from remote sites by other malware. It may arrive bundled with malware packages
as a malware component. It may be downloaded unknowingly by a user when visiting malicious Web sites. It creates
folders. It downloads an updated copy of itself from certain Web sites. It drops component files also detected
as TRO...

TROJ_FAKEAV.EB

- TROJ_FAKEAV.EB at Trend Micro

This Trojan may be downloaded from remote sites by other malware. It may arrive bundled with malware packages
as a malware component. It may be downloaded unknowingly by a user when visiting malicious Web sites. It creates
folders. It creates registry entries to enable its automatic execution at every system startup. It adds an
Uninstall...

TROJ_FAKEAV.ED

- TROJ_FAKEAV.ED at Trend Micro

This Trojan may be dropped by other malware. It may arrive bundled with malware packages as a malware component.
It may be downloaded unknowingly by a user when visiting malicious Web sites. It creates folders. It drops
copies of itself. It creates registry key(s)/entry(ies) as part of its installation routine. This Trojan
monitors affec...

Troj/DwnLdr-HGY

- Troj/DwnLdr-HGY at Sophos

Troj/DwnLdr-HGY is a downloader Trojan for the Windows platform.
Troj/DwnLdr-HGY also includes functionality to modify the HOSTS file.
...

Troj/Agent-HMD

- Troj/Agent-HMD at Sophos

...

Troj/FakeAle-GA

- Troj/FakeAle-GA at Sophos

Troj/FakeAle-GA is a Trojan for the Windows platform. Troj/FakeAle-GA
includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/FakeAle-GA is installed the following files are created:
<Desktop>\MSAntivi...

Troj/FkAvDl-Fam

- Troj/FkAvDl-Fam at Sophos

Troj/FkAvDl-Fam is a family of downloaders for fraudulent anti-spyware and / or anti-virus
applications. This family of Trojans falsely reports malware on the computer and then
offers to remove the malware on the condition that the user chooses to register / pay for the full version.
...

Troj/PcClien-MH

- Troj/PcClien-MH at Sophos

...

Troj/PWS-ASS

- Troj/PWS-ASS at Sophos

...

Troj/TibsRar-A

- Troj/TibsRar-A at Sophos

Troj/TibsRar-A is a password-protected RAR file seen in spam, that contains a file detected as
Mal/TibsPk-A.
...

Troj/Zlob-ANF

- Troj/Zlob-ANF at Sophos

When Troj/Zlob-ANF is installed it creates the files:
- <System>\RichVideoCodec.dll - also detected as Troj/Zlob-ANF
- <Program files>\RichVideoCodec\MultiLoader.dll - detected as Mal/EncPk-CZ
- <Temp>\System.dll - non malicious, can be safely deleted ...

W32/AutoRun-HW

- W32/AutoRun-HW at Sophos

W32/AutoRun-HW is a worm which spreads via removable shared drives.
W32/AutoRun-HW includes functionality to access the internet and communicate with a remote server via HTTP.
When first run W32/AutoRun-HW copies itself to:
<User>\svchost.exe ...

Packed.Generic.182

- Packed.Generic.182 at Norton Symantec

Packed.Generic.182 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

BackDoor-DNM.dldr

- BackDoor-DNM.dldr at McAfee

When executed, this downloader by itself did not seem to drop or create any files or registry entries. However,
like other downloaders, it downloads other malicious files from sites configured by the attacker. This
downloader attempts to download files by connecting to the following sites:
http://digitaltreath.info/a[REMOVED].exe
http:/...

Generic Dropper.bj

- Generic Dropper.bj at McAfee

When executed it drops several DLLs into the %Sysdir% folder.
- lc68af08.dll - 10240 bytes
- b34c63d7.dll - 45056 bytes
- c3e2d049.dll - 33 bytes
- rsvpmsg32.dll - 12800 bytes
The following registry keys are created:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rsvpmsg32]
Asynchronous = 1
Impersona...

Troj/Agent-HMJ

- Troj/Agent-HMJ at Sophos

...

Mal/Behav-031

- Mal/Behav-031 at Sophos

Mal/Behav-031 is a file that contains malicious functionality.
...

Mal/Behav-116

- Mal/Behav-116 at Sophos

Mal/Behav-116 is a behavior found within malware.
...

Troj/Dloadr-BQR

- Troj/Dloadr-BQR at Sophos

...

Troj/FakeAle-GC

- Troj/FakeAle-GC at Sophos

When first run Troj/FakeAle-GC copies itself to <System>\lphcjgvj0enf1.exe and creates the
following files:
- <Temp>\.tt1.tmp.vbs - detected as VBS/InfSR-A
- <System>\blphcjgvj0enf1.scr - detected as Mal/EncPk-CZ
- <System>\phcjgvj0enf1.bmp - bitmap file, can ...

Troj/Agent-HMH

- Troj/Agent-HMH at Sophos

...

Troj/Agent-HMI

- Troj/Agent-HMI at Sophos

...

Troj/FakeAV-BZ

- Troj/FakeAV-BZ at Sophos

...

0 writebacks [08/23/2008 06:34] [] permanent link



Virus Malware and Threat News for 20080815



0 writebacks [08/15/2008 04:49] [] permanent link



Virus Malware and Threat News for 20080814



0 writebacks [08/14/2008 04:52] [] permanent link



Virus Malware and Threat News for 20080812



0 writebacks [08/12/2008 04:45] [] permanent link



Virus Malware and Threat News for 20080811



0 writebacks [08/11/2008 04:44] [] permanent link



Virus Malware and Threat News for 20080810



0 writebacks [08/10/2008 04:44] [] permanent link



Virus Malware and Threat News for 20080809



0 writebacks [08/09/2008 04:44] [] permanent link



Virus Malware and Threat News for 20080808



0 writebacks [08/08/2008 04:51] [] permanent link



Virus Malware and Threat News for 20080807



0 writebacks [08/07/2008 04:43] [] permanent link



Virus Malware and Threat News for 20080806



Backdoor:W32/vb.fbh

- Backdoor:W32/vb.fbh at F-Secure

It has come to our attention that F-Secure Anti-Virus generated a false alarm on Backdoor.Win32.Vb.fbh. The
detection was generated on the file MSWINSCK.OCX which is part of Windows XP.
...

Linux.Phalax

- Linux.Phalax at Norton Symantec

Linux.Phalax is a Linux Kernel rootkit which installs a back door on the compromised computer.
...

BackDoor-CUX!30D9EA2E

- BackDoor-CUX!30D9EA2E at McAfee

File Property | Property Value
File Name | taskmgre2.exe
McAfee Detection | BackDoor-CUX
Length | 51,200 bytes
CRC32 | 30D9EA2E
MD5 | 98ded8e19d40070f1463c650409c5877
SHA1 | B3830B70AD5FD0F41E7C5661C1BD4C3B0610D213
Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | BackDoor.Generic6.GOQ
Kaspersky | Trojan.Win32.Buzus.pfw
Microsoft | trojandropper:win3...

Downloader.gen.a!788739A2

- Downloader.gen.a!788739A2 at McAfee

File Property | Property Value
File Name | 0006.exe
McAfee Detection | Downloader.gen.a
Length | 8,704 bytes
CRC32 | 788739A2
MD5 | 475D3261715FC56F875D4A56BEEE0706
SHA1 | 9E907AF4B27447E47EDACA410F04CBE37B1FF70A
Other Common Detection Aliases
Company Name | Detection Name
AhnLab | Win-Trojan/Downloader.8704.VN
Avast | Win32:Small-LBH [Trj]
AVG (GriSoft) | Downloader.Agent.15....

W32/Yahlover.worm.gen.c!D0545FF0

- W32/Yahlover.worm.gen.c!D0545FF0 at McAfee

File Property | Property Value
File Name | new_folder_.exe
McAfee Detection | W32/Yahlover.worm.gen.c
Length | 655,096 bytes
CRC32 | D0545FF0
MD5 | ea76d42694814c02b6eb992392b62e9c
SHA1 | 865A1879F4C367429D55D7FB8551EACAAA7873E5
Other Common Detection Aliases
Company Name | Detection Name
Kaspersky | Trojan.Win32.Autoit.ci
Norman | Sohanad.gen9
Symantec | W32.Imaut.U
Trend Micr...

W32/Yahlover.worm.gen.d!F5F323CE

- W32/Yahlover.worm.gen.d!F5F323CE at McAfee

File Property | Property Value
File Name | new_folder.exe
McAfee Detection | W32/Yahlover.worm.gen.d
Length | 1,702,400 bytes
CRC32 | F5F323CE
MD5 | 8904EB0F702ED5E885C06CED6939332E
SHA1 | C11A9D84DE679F2A78D870588969AA162B68FE97
Other Common Detection Aliases
Company Name | Detection Name
Symantec | W32.Imaut
Trend Micro | WORM_SOHANAD.FG
Avert® Labs has observed the fo...

TROJ_RENOS.ADX

- TROJ_RENOS.ADX at Trend Micro

This Trojan may be downloaded from remote sites by other malware, specifically TROJ_CHEPVIL.C. This Trojan drops
the following files:
- JOKE_BLUESCREEN
- TROJ_RENOS.ADX
This Trojan creates registry entries to enable its automatic
execution at every system startup. It also modifies the current system's wallpaper and screensaver. This Trojan
ac...

TROJ_AGENT.AVSZ

- TROJ_AGENT.AVSZ at Trend Micro

This Trojan may be downloaded from remote sites by other malware, specifically TROJ_CHEPVIL.C. Upon execution,
this Trojan drops a copy of itself. It then creates a registry entry to enable its automatic execution at
every system startup. This Trojan modifies registry entries to disable the Windows Firewall.
...

TROJ_CHEPVIL.RAR

- TROJ_CHEPVIL.RAR at Trend Micro

This is the Trend Micro detection for the compressed RAR attachment received through a certain spam email. A
screenshot of the said email is given below: The said email provides a password which is used to extract the
attachment's .EXE content, which Trend Micro detects as TROJ_CHEPVIL.C. The attachment is compressed in RAR
format. As a re...

TROJ_CHEPVIL.C

- TROJ_CHEPVIL.C at Trend Micro

This Trojan arrives as an attachment to email messages spammed by another malware or a malicious user. Trend Micro
detects the compressed attachment in the email as TROJ_CHEPVIL.RAR. The said email provides a password which
is used to extract the attachment's .EXE content, which Trend Micro detects as TROJ_CHEPVIL.C. It accesses Web
sites...

Troj/Banker-EMV

- Troj/Banker-EMV at Sophos

...

Troj/FakeAle-EG

- Troj/FakeAle-EG at Sophos

...

Troj/FakeAle-EH

- Troj/FakeAle-EH at Sophos

...

Troj/Agent-HJO

- Troj/Agent-HJO at Sophos

...

Troj/Agent-HJP

- Troj/Agent-HJP at Sophos

...

Troj/Agent-HJR

- Troj/Agent-HJR at Sophos

...

Troj/Bckd-B

- Troj/Bckd-B at Sophos

...

Troj/FakeAle-EE

- Troj/FakeAle-EE at Sophos

...

Troj/FakeAle-EF

- Troj/FakeAle-EF at Sophos

...

Troj/FakeVir-EH

- Troj/FakeVir-EH at Sophos

...

W32/Sality.ai

- W32/Sality.ai at McAfee

W32/Sality.ai is a parasitic virus that infects Win32 PE executable files. Upon execution, this file infector
listens on a UDP port and drops the following file: %System%\drivers\{Random file name}.sys (Terminates
security applications)
(Note: %System% is the Windows system folder, e.g. C:\Windows\System32 or C:\WINNT\System32)
It then...

Boface.A

- Boface.A at Panda

Builds a botnet, using the social networks Facebook and MySpace to spread, so that the author can order the
zombies to carry out malicious actions.
...

0 writebacks [08/06/2008 09:19] [] permanent link



Virus Malware and Threat News for 20080805



Riskware:W32/SysKontroller.c

- Riskware:W32/SysKontroller.c at F-Secure

It has come to our attention that F-Secure Anti-Virus generated a false alarm on FraudTool.Win32.SysKontroller.c.
The detection was generated on the file MFC71.DLL which is part of Windows XP Service Pack 2.
...

W32/Yahlover.worm.gen.c!D881E28F

- W32/Yahlover.worm.gen.c!D881E28F at McAfee

File Property | Property Value
File Name | new_folder_.exe
McAfee Detection | W32/Yahlover.worm.gen.c
Length | 617,984 bytes
CRC32 | D881E28F
MD5 | 5F009A2EB72FEC757ABB2E0234EEDA4E
SHA1 | 6686E8A97C0837455CFD21F1406B158696BD5CD9
Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | worm/generic.hha
Kaspersky | not-a-virus:Monitor.Win32.Ardamax.ds
Norm...

W32/Bagle.gen!Sality!33D1D54F

- W32/Bagle.gen!Sality!33D1D54F at McAfee

File Property | Property Value
File Name | mplay.exe
McAfee Detection | W32/Bagle.gen!Sality
Length | 28,155 bytes
CRC32 | 33D1D54F
MD5 | 337ecc88c1285749a62d7b738451dac9
SHA1 | FFDA1F2DBA812F5FEA8DCA237BEB0C2CEB7DEED1
Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | win32/sality
Kaspersky | Email-Worm.Win32.Bagle.ae
Microsoft | worm:win32/bagle.as@...

Generic BackDoor.u!1B8D322F

- Generic BackDoor.u!1B8D322F at McAfee

File Property | Property Value
File Name | mmc32.exe
McAfee Detection | Generic BackDoor.u
Length | 89,600 bytes
CRC32 | 1B8D322F
MD5 | 2b60360c32737960d19d7478962539e0
SHA1 | A059560595B2C6E4E6B2174D28EA5E5F115991A4
Other Common Detection Aliases
Company Name | Detection Name
AhnLab | Win32/Autorun.worm.89600
Avast | Win32:AutoRun-S [Trj]
AVG (GriSoft) | Worm/Delf.CJX
Avira | w32...

W32/YahLover.worm!ACE58CF2

- W32/YahLover.worm!ACE58CF2 at McAfee

File Property | Property Value
File Name | regsvr.exe
McAfee Detection | W32/YahLover.worm
Length | 635,392 bytes
CRC32 | ACE58CF2
MD5 | a7e52f89dc90b0b822d603394a860a97
SHA1 | 0AA3006D9B2CF1CE9405101A67DB4B48D0E5338E
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:AutoIt-CI [Trj]
AVG (GriSoft) | worm/autoit.cak
Avira | TR/Autoit.CI.14
BitDefender | Troj...

W32/Netsky.x@MM!95B366B5

- W32/Netsky.x@MM!95B366B5 at McAfee

File Property | Property Value
File Name | .xx.exe
McAfee Detection | W32/Netsky.x@MM
Length | 26,112 bytes
CRC32 | 95B366B5
MD5 | 2eaf40e4458668823f0c522ec6f537b7
SHA1 | 583B94A6453ABFA755E657C08515EA0ADED4B83F
Other Common Detection Aliases
Company Name | Detection Name
AhnLab | Win32/Netsky.worm.26112
Avast | Win32:NetSky-BG [Wrm]
AVG (GriSoft) | I-Worm/Netsky.X
Avira | Worm/Ne...

PWS-Mmorpg.gen!AF2256DA

- PWS-Mmorpg.gen!AF2256DA at McAfee

File Property | Property Value
File Name | c524c9~1.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 17,521 bytes
CRC32 | AF2256DA
MD5 | c524c9c5f3c390cac074ce669f87f3b7
SHA1 | 870FCE067C8B495DE5E5AC77A4E2C327B6621195
Other Common Detection Aliases
Company Name | Detection Name
AhnLab | Win-Trojan/OnlineGameHack.17521.C
Avast | Win32:OnLineGames-EEP [Trj]
AVG (GriSoft) | Generic...

W32/Nuwar@MM!355AE282

- W32/Nuwar@MM!355AE282 at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 355AE282
MD5 | b37a387918f260eb61db4275a64f227e
SHA1 | EECE8C0B85ED09BC2CAA634C0EFC8B700CFF92AD
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!AA71E975

- W32/Nuwar@MM!AA71E975 at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | AA71E975
MD5 | fd027d0fbfe2f3971cccf18a5296990a
SHA1 | 7E05E072377FA4D5FA8C6D4DE9DDC68A04F07E52
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!07BFF67D

- W32/Nuwar@MM!07BFF67D at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 07BFF67D
MD5 | 23a9966f815a587c17b93be0dca7d033
SHA1 | 4A44680A077EACE67FFDB27ECFE0394A431583A2
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!DBC1552D

- W32/Nuwar@MM!DBC1552D at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | DBC1552D
MD5 | fc3a5a28b8c3a2b2f3c08f52228e8047
SHA1 | DB78AD63EA85DA0ACC35EC8B3DB1F8A6B1A24522
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!8B0F55DF

- W32/Nuwar@MM!8B0F55DF at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 8B0F55DF
MD5 | bfb03d77308c472a43c6e334ffcd3e54
SHA1 | F5D3AC7897D82F967A1801F1BD42C59E5CB45222
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!66920964

- W32/Nuwar@MM!66920964 at McAfee

File Property | Property Value
File Name | iran_occ.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 66920964
MD5 | 633c1362712cda472498b95b993db333
SHA1 | 6807051F3C2F1D437E667ED2E5799D482E5643B8
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed...

W32/Nuwar@MM!BD732894

- W32/Nuwar@MM!BD732894 at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | BD732894
MD5 | 63c0a36604bf9b7d0d2e49b3162516d4
SHA1 | 51210A0FF527E9DF0BBD5EE7B18BA35C1CC81B8D
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!9C11DEEC

- W32/Nuwar@MM!9C11DEEC at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 9C11DEEC
MD5 | 5e9a63a1ce10c86d5f1e269e42b0cb6e
SHA1 | B042B8FB6A2CD0CDAF417A44C1B316B980989DD8
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!431EE1D2

- W32/Nuwar@MM!431EE1D2 at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 431EE1D2
MD5 | 749907f0c7d5e16d0cc7e5ca32408659
SHA1 | 18BB646B4787FCED10C3067C0204248A434B7C8F
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!1536CE64

- W32/Nuwar@MM!1536CE64 at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 117,760 bytes
CRC32 | 1536CE64
MD5 | 79a6db8ad49c42d154ba7c94099f01ce
SHA1 | 773EABAFACE4CBA6FE22103615F108D594D73D28
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!184F37A9

- W32/Nuwar@MM!184F37A9 at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 184F37A9
MD5 | a7d304703cba2271ec5fbf1ae72d467c
SHA1 | B85F02F4DF433B9B1651C2950871F0DE0F39AE71
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!7A90C0D7

- W32/Nuwar@MM!7A90C0D7 at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 7A90C0D7
MD5 | 43ef328a43d6a5c56af6f0d7c1dd717e
SHA1 | 04E569FE511032055ABD79F995329A38DA8C5CFF
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!24A63685

- W32/Nuwar@MM!24A63685 at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 24A63685
MD5 | 78d87ee5d5822c6d3bc5402df559a4de
SHA1 | 0DB3672DA13B3355FBAC7069E03965490FB258C5
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!988C5842

- W32/Nuwar@MM!988C5842 at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 988C5842
MD5 | 85312f44fbaabd6d8743ffb41df501b0
SHA1 | ACDEE6FAB1B51FB47863EF02950BAEB519DFDB13
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!7C34A6F6

- W32/Nuwar@MM!7C34A6F6 at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 7C34A6F6
MD5 | 5896bf72c33a66ab196f4d120441675a
SHA1 | 77E7A6BC2E307176AF8CCC336BA466D45BF8883E
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!09E8EB11

- W32/Nuwar@MM!09E8EB11 at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 09E8EB11
MD5 | 4e42933ad9c97b7d022048036346b670
SHA1 | E9C4C334F699EE2E0782E96D409AF6E596AADD84
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!CAF2AB47

- W32/Nuwar@MM!CAF2AB47 at McAfee

File Property | Property Value
File Name | back.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | CAF2AB47
MD5 | 077d61b6f43d7776fcd884ac225417b1
SHA1 | 519EFBBE505538BBD221D659EF3944EB46FE68F0
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!75C79017

- W32/Nuwar@MM!75C79017 at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 75C79017
MD5 | 93157d87a335a9f9a0a72d934c80a655
SHA1 | B04B66FB8F2F785DCFBF8692C43A8D7FAB43E6C4
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!5DF92239

- W32/Nuwar@MM!5DF92239 at McAfee

File Property | Property Value
File Name | iran_occ.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 5DF92239
MD5 | cb8f153e1ef9b9bb520499fd66ceadd0
SHA1 | 379235037D491952724A696AE44BB088DB016E82
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed...

W32/Nuwar@MM!275898DC

- W32/Nuwar@MM!275898DC at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 275898DC
MD5 | 5ff9d770780e5a6d767112dbdfb6066a
SHA1 | 1CF06CE448A728BFC951E4BEA185E6186B29A13F
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!45B3AC58

- W32/Nuwar@MM!45B3AC58 at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 45B3AC58
MD5 | 9a93dc10ef09831ba4a738326fe5842d
SHA1 | CF9E5BC77F7EF06DE22AAB42808A260832520A26
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!6164CADF

- W32/Nuwar@MM!6164CADF at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 6164CADF
MD5 | 044ae2f4c4077b8261964ef07ad9e437
SHA1 | 32C81686A0E31F6AE9937C73E2BEB5228B1C2A4F
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!7A01A577

- W32/Nuwar@MM!7A01A577 at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | 7A01A577
MD5 | f366988cfaea094b06a58d645f1321e1
SHA1 | 314C91D30E474ED56037DB32D82C4BA32DF082FD
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

W32/Nuwar@MM!B6C6FEB6

- W32/Nuwar@MM!B6C6FEB6 at McAfee

File Property | Property Value
File Name | form.exe
McAfee Detection | W32/Nuwar@MM
Length | 118,272 bytes
CRC32 | B6C6FEB6
MD5 | ef9064762afe43f6c147fb4c920136b2
SHA1 | 81940128A130F3DE679AC3EDFDD60265CB00CF4B
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Zhelatin-DCO [Wrm]
AVG (GriSoft) | Downloader.Tibs.9.AB
BitDefender | Dropped:Trojan.Peed.JOQ...

TROJ_NUWAR.DDI

- TROJ_NUWAR.DDI at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious
Web sites. It may arrive on a system via spammed mails containing links where this malware can be downloaded.
It drops a file detected by Trend Micro as WORM_ZHELATIN.AAA. It then registers the said file as a system
service ...

TROJ_DLOADR.HM

- TROJ_DLOADR.HM at Trend Micro

This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. This
Trojan accesses Web sites to download files detected by Trend Micro as the following malware:
- TROJ_DROPPER.BRW
- ADW_CINMUS
It then executes the downloaded files. As a result, malicious routines of the downloaded files
are exhibited ...

TROJ_MUTANT.HP

- TROJ_MUTANT.HP at Trend Micro

This Trojan may arrive bundled with malware packages as a malware component. It may also arrive as a .DLL file
that exports functions used by other malware. It is usually dropped in the Windows system folder and executes every
time the system is started via a created autostart registry entry. This .DLL file is injected into the
WINLOGON.EX...

TROJ_NUWAR.DDJ

- TROJ_NUWAR.DDJ at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting
malicious Web sites. It may arrive on a system via spammed mails containing links where this malware can be
downloaded. It drops files detected by Trend Micro as WORM_ZHELATIN.AAA, then registers the said file as a
service to enable a...

Sality.AG

- Sality.AG at Panda

It leaves the computer vulnerable to attack by other malware. It downloads malicious files from
several websites. It infects files with an EXE and SCR extension, which are then distributed through any of
the usual means....

JS/Psyme-JN

- JS/Psyme-JN at Sophos

...

Mal/ObfJS-AV

- Mal/ObfJS-AV at Sophos

Mal/ObfJS-AV is a malicious JavaScript Trojan within a web page.
...

Troj/DwnLdr-HGJ

- Troj/DwnLdr-HGJ at Sophos

Troj/DwnLdr-HGJ is a Trojan downloader for the Windows platform. When first
run, Troj/DwnLdr-HGJ copies itself to: <System32>\ieupdates.exe
Troj/DwnLdr-HGJ has the functionality to:
- download a file from a preconfigured URL, then run it.
...

Troj/Agent-HJH

- Troj/Agent-HJH at Sophos

Troj/Agent-HJH is a password stealing Trojan for the Windows platform.
Troj/Agent-HJH includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/Agent-HJH copies itself to:
<System>\hiquooc.exe ...

Troj/FakeAle-EB

- Troj/FakeAle-EB at Sophos

...

Troj/FakeVir-EF

- Troj/FakeVir-EF at Sophos

...

Troj/FakeVir-EG

- Troj/FakeVir-EG at Sophos

...

Troj/Renos-AZ

- Troj/Renos-AZ at Sophos

Troj/Renos-AZ is a Trojan for the Windows platform. Troj/Renos-AZ includes
functionality to access the internet and communicate with a remote server via HTTP.
Troj/Renos-AZ changes settings for Microsoft Internet Explorer, including search settings, by modifying values
under: ...

W32/Autorun-HB

- W32/Autorun-HB at Sophos

W32/Autorun-HB is a worm for the Windows platform. This worm copies itself
to removable storage devices, such as USB sticks. When first run, the worm copies
itself to the following on a removable drive:
<Recycler>\S-<random numbers>\xop32.exe...

W32/AutoRun-HC

- W32/AutoRun-HC at Sophos

W32/AutoRun-HC is a worm for the Windows platform. W32/AutoRun-HC spreads
via removable shared drives by copying itself to <Root>\nideiect.com (detected as W32/AutoRun-HC).
W32/AutoRun-HC includes functionality to: download code from the internet
te...

0 writebacks [08/05/2008 05:13] [] permanent link



Virus Malware and Threat News for 20080804



W32.Koobface.B

- W32.Koobface.B at Norton Symantec

W32.Koobface.B is a worm that spreads through social networking sites.
...

W32.Koobface.A

- W32.Koobface.A at Norton Symantec

W32.Koobface.A is a worm that spreads through social networking sites.
...

Troj/Agent-HIU

- Troj/Agent-HIU at Sophos

...

Troj/Bancos-BEI

- Troj/Bancos-BEI at Sophos

Troj/Bancos-BEI is a Trojan for the Windows platform. When first run
Troj/Bancos-BEI copies itself to <System>\tasklist32.exe.
...

Troj/OnLineG-AS

- Troj/OnLineG-AS at Sophos

...

Troj/VB-PGG

- Troj/VB-PGG at Sophos

...

W32/Autorun-GZ

- W32/Autorun-GZ at Sophos

...

Troj/Pushdo-O

- Troj/Pushdo-O at Sophos

Troj/Pushdo-O is a Trojan for the Windows platform. When Troj/Pushdo-O is
installed it creates the file <System>\drivers\Rvy60.sys. The file Rvy60.sys is
detected as Troj/Pushu-Gen. The file Rvy60.sys is registered as a new system driver
service na...

Troj/Agent-HIS

- Troj/Agent-HIS at Sophos

...

Troj/Agent-HIT

- Troj/Agent-HIT at Sophos

...

Troj/Bckdr-QOO

- Troj/Bckdr-QOO at Sophos

Troj/Bckdr-QOO is a Trojan for the Windows platform. Troj/Bckdr-QOO
includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/Bckdr-QOO copies itself to <Windows>\taskmrge.exe and creates the file
<Windows>\mon...

Troj/BDoor-AMW

- Troj/BDoor-AMW at Sophos

...

0 writebacks [08/04/2008 05:13] [] permanent link



Virus Malware and Threat News for 20080803



PyroAntiSpy

- PyroAntiSpy at Norton Symantec

Behavior: PyroAntiSpy is a misleading application that may give exaggerated reports of threats on the computer.
...

Trojan.Spamuzle!inf

- Trojan.Spamuzle!inf at Norton Symantec

Trojan.Spamuzle!inf is a detection for files infected with Trojan.Spamuzle.
...

Trojan.Spamuzle

- Trojan.Spamuzle at Norton Symantec

Trojan.Spamuzle is a Trojan horse that modifies system files and attempts to send spam email. It also
downloads files and may steal information from the computer.
...

Packed.Generic.177

- Packed.Generic.177 at Norton Symantec

Packed.Generic.177 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

Generic PWS.y!6B5251B2

- Generic PWS.y!6B5251B2 at McAfee

File Property | Property Value
File Name | b251526b.exe
McAfee Detection | Generic PWS.y
Length | 439,808 bytes
CRC32 | 6B5251B2
MD5 | 299b39a3b4fa3f660767c0c085ff8804
SHA1 | D0E9674DC6323F10BC1A6D8F583153663BBBE0ED
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:KeyLogger-EQ
AVG (GriSoft) | psw.generic6.soe
Avira | TR/SPY.KeyLogger.ano
BitDefender | Gen...

Generic PWS.y!0D00DC8C

- Generic PWS.y!0D00DC8C at McAfee

File Property | Property Value
File Name | 8cdc000d.exe
McAfee Detection | Generic PWS.y
Length | 115,316 bytes
CRC32 | 0D00DC8C
MD5 | f1a1c13938160e37be9c165a75c5f8fb
SHA1 | FECABF4C0C02BA039C1FB503711B5F6F510C86E6
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Pophot-AM
Avira | BDS/Hupigon.Gen
BitDefender | Generic.Onlinegames.5.3DB543A3
ClamAV | PUA....

PWS-OnlineGames.as!A40F04D3

- PWS-OnlineGames.as!A40F04D3 at McAfee

File Property | Property Value
File Name | adco2.exe
McAfee Detection | PWS-OnlineGames.as
Length | 23,335 bytes
CRC32 | A40F04D3
MD5 | d58917a70c0137bc85edb974466a8c34
SHA1 | A2161356863DEE09C9F2B316B4935A8466950325
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:OnLineGames-DQP [Trj]
AVG (GriSoft) | PSW.Generic6.VEF
Avira | TR/Dropper.Gen
BitDefende...

PWS-OnlineGames.ax!854744FE

- PWS-OnlineGames.ax!854744FE at McAfee

File Property | Property Value
File Name | adco6.exe
McAfee Detection | PWS-OnlineGames.ax
Length | 15,857 bytes
CRC32 | 854744FE
MD5 | 8aa65ad46475ea4e49c5052eca8742ba
SHA1 | F547415AD7556D42B023084258427BBA28E88171
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Nilage-NP [Trj]
Avira | TR/Dropper.Gen
BitDefender | Trojan.PWS.Lmir.UMH
ClamAV | PUA.Packe...

PWS-OnlineGames.as!586BBD4E

- PWS-OnlineGames.as!586BBD4E at McAfee

File Property | Property Value
File Name | adco15.exe
McAfee Detection | PWS-OnlineGames.as
Length | 20,575 bytes
CRC32 | 586BBD4E
MD5 | dd4d16151afbb42e87cd235442f96df9
SHA1 | C4B7B245DAA5DEED476263A24A44F96D29D99A29
Other Common Detection Aliases
Company Name | Detection Name
Kaspersky | Trojan-GameThief.Win32.OnLineGames.smjn
Norman | w32/suspicious_u.gen
Sophos | Mal/Packe...

PWS-OnlineGames.as!93098B32

- PWS-OnlineGames.as!93098B32 at McAfee

File Property | Property Value
File Name | adco4.exe
McAfee Detection | PWS-OnlineGames.as
Length | 20,327 bytes
CRC32 | 93098B32
MD5 | 7d3df26fda9dd0a587cba4009efeb155
SHA1 | A1252269784C8F02937C73806CD0BD0D742721BE
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:OnLineGames-DQP [Trj]
AVG (GriSoft) | PSW.Generic6.VBS
Avira | TR/Dropper.Gen
BitDefende...

PWS-OnlineGames.as!069ADE29

- PWS-OnlineGames.as!069ADE29 at McAfee

File Property | Property Value
File Name | adco8.exe
McAfee Detection | PWS-OnlineGames.as
Length | 22,719 bytes
CRC32 | 069ADE29
MD5 | e66b6c33171a7b1a2cf955991c87083d
SHA1 | D017D004523F63C160819CBFD7D7F316EB62162A
Other Common Detection Aliases
Company Name | Detection Name
Kaspersky | Trojan-GameThief.Win32.OnLineGames.smjn
Norman | w32/suspicious_u.gen
Sophos | Mal/Packer...

Downloader.gen.a!2B03F323

- Downloader.gen.a!2B03F323 at McAfee

File Property | Property Value
File Name | install_en[1].exe
McAfee Detection | Downloader.gen.a
Length | 190,744 bytes
CRC32 | 2B03F323
MD5 | 370E56560E02E88AAF6356D18FDA1C4F
SHA1 | 9F36166C36229E0E13D4CD0D6168BD55DF621768
Other Common Detection Aliases
Company Name | Detection Name
AhnLab | Win-Trojan/Downloader.199696
Avast | Win32:Trojan-gen {Other}
BitDefender | Trojan.Ge...

Downloader.gen.a!09ECFEBB

- Downloader.gen.a!09ECFEBB at McAfee

File Property | Property Value
File Name | serialkeygen.exe
McAfee Detection | Downloader.gen.a
Length | 57,869 bytes
CRC32 | 09ECFEBB
MD5 | fd6774bbc5f41a474f6bab7f48747310
SHA1 | 91C3B4A68986E0D67C3489B095578805F874E16C
Other Common Detection Aliases
Company Name | Detection Name
Avast | Win32:Adware-gen
AVG (GriSoft) | Generic10.BFNH
Avira | TR/BHO.ffb
BitDefender | Dropped:Tro...

FakeAlert-AG.gen!2C9F3F1F

- FakeAlert-AG.gen!2C9F3F1F at McAfee

File Property | Property Value
File Name | vistasp1.exe
McAfee Detection | FakeAlert-AG.gen
Length | 110,080 bytes
CRC32 | 2C9F3F1F
MD5 | 8655796C704EDAD5D76ACEDB8A80F875
SHA1 | 23F7B06E68B620EA1FEB874F37DB44D32780DC6E
Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | I-Worm/Nuwar.U
eSafe (Alladin) | File [100] (suspicious)
FortiNet | Suspicious
Micro...

Generic.dx!B713E05F

- Generic.dx!B713E05F at McAfee

File Property | Property Value
File Name | setup.exe
McAfee Detection | Generic.dx
Length | 210,432 bytes
CRC32 | B713E05F
MD5 | b420a430d733a3a1d8b27e71f78590e1
SHA1 | BB26160E4D6E64EDBE85E2B00A4884936AD624CA

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win-Trojan/Dropper.210432
Avast | Win32:VB-IE [Wrm]
AVG (GriSoft) | Worm/Generic.AJW
Avira | WORM/Rbot....

Puper!16F739BC

- Puper!16F739BC at McAfee

File Property | Property Value
File Name | setup_ver1.1540.0.exe
McAfee Detection | Puper
Length | 65,536 bytes
CRC32 | 16F739BC
MD5 | 8217339224b47ef05c321cd2adce3c9e
SHA1 | 0A50D5928C41D4438C3A78860D94AA59287D3D5A

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | Downloader.Zlob.ZXK
BitDefender | Trojan.Downloader.Zlob.ACBG
ClamAV | Trojan.Zlob.REN...

PWS-Mmorpg.gen!5F5EE4D4

- PWS-Mmorpg.gen!5F5EE4D4 at McAfee

File Property | Property Value
File Name | Unavailable
McAfee Detection | PWS-Mmorpg.gen
Length | 26,480 bytes
CRC32 | 5F5EE4D4
MD5 | EEF983814FE2E2912230A414A01A447C
SHA1 | BEFDA4BE72A9CE987189E55E18DAC992D7613DB3

Other Common Detection Aliases

Company Name | Detection Name
Avast | Win32:Agent-ZMA
Avira | TR/Downloader.Gen
BitDefender | Trojan.PWS.OnlineGames.WPJ
ClamAV | PUA.Pac...

PWS-OnlineGames.f!1AA1EA91

- PWS-OnlineGames.f!1AA1EA91 at McAfee

File Property | Property Value
File Name | Unavailable
McAfee Detection | PWS-OnlineGames.f
Length | 18,012 bytes
CRC32 | 1AA1EA91
MD5 | bc039e338cf56f6e787a92ea5602f888
SHA1 | 7DD1190673F220981A493888E964D8C7DD38C2EC

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win-Trojan/OnlineGameHack.18012.B
Avast | Win32:OnLineGames-EEP [Trj]
AVG (GriSoft) | psw.o...

W32/Sality!8E0763F9

- W32/Sality!8E0763F9 at McAfee

File Property | Property Value
File Name | f963078e.exe
McAfee Detection | W32/Sality
Length | 2,887,168 bytes
CRC32 | 8E0763F9
MD5 | EE6E3D8642813F4460CCB37E34CFFAD5
SHA1 | 504547335F90F7959502418719F6AD23BCD6C918

Other Common Detection Aliases

Company Name | Detection Name
Microsoft | virus:win32/sality.am
Norman | w32/sality.aa
Sophos | W32/Sality-AM
Symantec | W32.Sality.AE
Tre...

W32/Sality!4D5711A0

- W32/Sality!4D5711A0 at McAfee

...

BackDoor-AWQ!98A6A641

- BackDoor-AWQ!98A6A641 at McAfee

File Property | Property Value
File Name | 080801-a3-83.exe
McAfee Detection | New Malware.dq
Length | 30,704 bytes
CRC32 | 98A6A641
MD5 | cd9570cb5fc8bbef0019be70e3321c77
SHA1 | 1AAE0902CE271F6CDCD49084E0B9E4A381F7115A

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win32/ExprPacked.suspicious
Avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | BackDoor.Hup...

W32/Sality!36BCF8D1

- W32/Sality!36BCF8D1 at McAfee

File Property | Property Value
File Name | d1f8bc36.exe
McAfee Detection | W32/Sality
Length | 574,976 bytes
CRC32 | 36BCF8D1
MD5 | 4374958C8C98110021BF9A278026554E
SHA1 | D667EFF993411993AB67ECEDCE6A1BD8D0339362

Other Common Detection Aliases

Company Name | Detection Name
Microsoft | virus:win32/sality.am
Norman | W32/Sality.AA
Sophos | W32/Sality-AM
Symantec | W32.Sality.AE
Trend...

W32/Sality!46983EE4

- W32/Sality!46983EE4 at McAfee

File Property | Property Value
File Name | e43e9846.exe
McAfee Detection | W32/Sality
Length | 94,208 bytes
CRC32 | 46983EE4
MD5 | F1EF2422F6F42C0B6D8DC1C0FEC92AD2
SHA1 | 6822AEE605F99AA678E95B0D1405F57FC348BE35

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win32/Kashu.B
Avast | Win32:Sality
AVG (GriSoft) | Agent.ULX
Avira | W32/Sality
BitDefender | Win32.Salit...

Generic PUP.x!19F0B105

- Generic PUP.x!19F0B105 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

PWS-OnlineGames.as!D9661B08

- PWS-OnlineGames.as!D9661B08 at McAfee

File Property | Property Value
File Name | psxsj.exe
McAfee Detection | PWS-OnlineGames.as
Length | 20,451 bytes
CRC32 | D9661B08
MD5 | 913829C02F59489ED048583D04295162
SHA1 | 7DED8C178E0B749F4EDD2A4F97AD5E13A44C2331

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win-Trojan/OnlineGameHack.B
Avast | Win32:OnLineGames-DQP [Trj]
AVG (GriSoft) | PSW.OnlineGa...

PWS-OnlineGames.as!91697233

- PWS-OnlineGames.as!91697233 at McAfee

File Property | Property Value
File Name | cxbsj.exe
McAfee Detection | PWS-OnlineGames.as
Length | 20,583 bytes
CRC32 | 91697233
MD5 | 8457a649ec8c03b092e4495e8d50a6b9
SHA1 | CB258345F5A7A7A8F5AEF38E68BEB3A04E7BDFCF

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win-Trojan/OnlineGameHack.B
Avast | Win32:OnLineGames-DQP [Trj]
AVG (GriSoft) | psw.onlinega...

PWS-OnlineGames.as!3DE981FE

- PWS-OnlineGames.as!3DE981FE at McAfee

File Property | Property Value
File Name | kwtsj.exe
McAfee Detection | PWS-OnlineGames.as
Length | 21,211 bytes
CRC32 | 3DE981FE
MD5 | b6f5fc865e8d49eaca9cc3ffa6d491ae
SHA1 | 5194BA361AE2E32E321A6639E47253145D1FE81B

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win-Trojan/OnlineGameHack.B
Avast | Win32:OnLineGames-DQP [Trj]
AVG (GriSoft) | PSW.OnlineGa...

PWS-OnlineGames.as!18E860F7

- PWS-OnlineGames.as!18E860F7 at McAfee

File Property | Property Value
File Name | sebsj.exe
McAfee Detection | PWS-OnlineGames.as
Length | 20,059 bytes
CRC32 | 18E860F7
MD5 | aa7f89cb312a34906912d63f805379c2
SHA1 | 0E7B4A1C267BFD0F9144D01D7391C61430B19ED6

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win-Trojan/OnlineGameHack.61440.CD
Avast | Win32:OnLineGames-DQP [Trj]
AVG (GriSoft) | gener...

PWS-OnlineGames.as!45C8670F

- PWS-OnlineGames.as!45C8670F at McAfee

File Property | Property Value
File Name | kkjsj.exe
McAfee Detection | PWS-OnlineGames.as
Length | 19,479 bytes
CRC32 | 45C8670F
MD5 | bcbf88f80fdd096cecb076e321a44542
SHA1 | 969811554C95AABD0EAACE73EDE62201036E5391

Other Common Detection Aliases

Company Name | Detection Name
AhnLab | Win-Trojan/OnlineGameHack.B
Avast | Win32:OnLineGames-DQP [Trj]
AVG (GriSoft) | PSW.OnlineGa...

PWS-OnlineGames.as!BC7F1741

- PWS-OnlineGames.as!BC7F1741 at McAfee

File Property | Property Value
File Name | dstsj.exe
McAfee Detection | PWS-OnlineGames.as
Length | 19,939 bytes
CRC32 | BC7F1741
MD5 | A44DAB60199EA690C85B267C7BB5EB86
SHA1 | 5D28DAAE62CEA89A543BDF7B3BE20BC90FB619A6

Other Common Detection Aliases

Company Name | Detection Name
Norman | w32/suspicious_u.gen
Sophos | Mal/Packer
Symantec | Infostealer.Gampass
Trend Micro | TROJ_ZLOB....

W32/Mydoom.o@MM!5ADE2E83

- W32/Mydoom.o@MM!5ADE2E83 at McAfee

File Property | Property Value
File Name | file.exe
McAfee Detection | W32/Mydoom.o@MM
Length | 28,864 bytes
CRC32 | 5ADE2E83
MD5 | 7d0e6fb73c891c703cdffd76039bbfdd
SHA1 | EAF05732E2254926A573C49121FF9A8CD29810F0

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | dropper.generic_c.gh
Microsoft | worm:win32/mydoom.o@mm
Norman | mydoom.l@mm
Panda | W32/Mydo...

Generic PUP.x!3E6188D4

- Generic PUP.x!3E6188D4 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

PWS-Mmorpg.gen!5CFBEAA3

- PWS-Mmorpg.gen!5CFBEAA3 at McAfee

File Property | Property Value
File Name | 080703-a1-84.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 19,535 bytes
CRC32 | 5CFBEAA3
MD5 | 2516ed40c53ea46b24fffd1a6e330464
SHA1 | F603353C3D8755D341CB24AF0B6BD720FF787556

Other Common Detection Aliases

Company Name | Detection Name
Avast | Win32:OnLineGames-ECF
Avira | Rkit/Agent.2688
BitDefender | Trojan.PWS.OnlineGames.YXF
Clam...

TROJ_FAKEAV.BH

- TROJ_FAKEAV.BH at Trend Micro

This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. It may
be downloaded unknowingly by a user when visiting malicious Web sites. It creates folders and drops a file
detected by Trend Micro as TROJ_RENOS.ACQ. It creates a registry key and a registry entry as part of its
installation rou...

Troj/FakeAle-DW

- Troj/FakeAle-DW at Sophos

...

Troj/FakeAle-DX

- Troj/FakeAle-DX at Sophos

...

Troj/Agent-HIR

- Troj/Agent-HIR at Sophos

...

Troj/Agent-HIQ

- Troj/Agent-HIQ at Sophos

...

Troj/Dloadr-BPE

- Troj/Dloadr-BPE at Sophos

...

Troj/Dloadr-BPF

- Troj/Dloadr-BPF at Sophos

...

Troj/FakeAle-DV

- Troj/FakeAle-DV at Sophos

...

Troj/FakeAv-BA

- Troj/FakeAv-BA at Sophos

...

Troj/Lineag-DU

- Troj/Lineag-DU at Sophos

...

W32/ShipUp-Q

- W32/ShipUp-Q at Sophos

...

0 writebacks [08/03/2008 05:12] [] permanent link


