mwblog.org


Virus Malware and Threat News for 20081030



Infostealer.Hibik.A

- Infostealer.Hibik.A at Norton Symantec

Infostealer.Hibik.A is a Trojan horse that steals confidential information from the compromised computer.
...

PWS-OnlineGames.cp!43108E10

- PWS-OnlineGames.cp!43108E10 at McAfee

File Property: Property Value
- FileName: zz.exe
- McAfee Detection: PWS-OnlineGames.cp
- Length: 119,556 bytes
- CRC: 43108E10
- MD5: 0F6B989FECB973832EB862DA9EE1D862
- SHA1: A1C9EBCA387F11A9D6A89C3C06E62E4569446765
Other Common Detection Aliases (Company Name: Detection Name)
- microsoft: trojandropper:win32/frethog
Avert® Labs has observed the following system activities...

PWS-OnlineGames.cp!6453E20C

- PWS-OnlineGames.cp!6453E20C at McAfee

File Property: Property Value
- FileName: help.exe
- McAfee Detection: PWS-OnlineGames.cp
- Length: 109,828 bytes
- CRC: 6453E20C
- MD5: C9362A047703966E543EF1BD0A145132
- SHA1: 5A04E1D8C14116222C39E2C8FE91912A68968466
Other Common Detection Aliases (Company Name: Detection Name)
- microsoft: trojandropper:win32/frethog
Avert® Labs has observed the following system activiti...

Adware-Cinmus!C874CE83

- Adware-Cinmus!C874CE83 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Adware-Cinmus!C1F27A9B

- Adware-Cinmus!C1F27A9B at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Downloader-BKW!56818C16

- Downloader-BKW!56818C16 at McAfee

File Property: Property Value
- FileName: syscon~1.exe
- McAfee Detection: Downloader-BKW
- Length: 974,336 bytes
- CRC: 56818C16
- MD5: 6A16F88151CB733C45E1A8688BE03A85
- SHA1: 8218F666B0A412E58A033E1C9A65A95A6ED85EE2
Other Common Detection Aliases (Company Name: Detection Name)
- Avira: TR/Crypt.XPACK.Gen
- eSafe (Alladin): suspicious Trojan/Worm [101]
- Sophos: ~Sus/UnkPacker
Avert®...

StartPage-KI!06F91978

- StartPage-KI!06F91978 at McAfee

File Property: Property Value
- FileName: trojan~1.exe
- McAfee Detection: StartPage-KI
- Length: 172,544 bytes
- CRC: 06F91978
- MD5: 4B32FA4EA56FC9DEA07B7FCF815F8D47
- SHA1: DB36850719A6573D96BC5EDE7D505E67A43D042C
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Buzus.172544
- avast: Win32:Delf-LDA [Drp]
- Avira: DR/Delphi.Gen
- BitDefender: Trojan.Dropp...

P2PShared.P

- P2PShared.P at Panda

It steals passwords from all types of programs, applications and email services that could be stored on
the affected computer. It spreads via peer-to-peer (P2P) file sharing programs and through
removable drives....

Troj/Agent-IBG

- Troj/Agent-IBG at Sophos

...

Troj/Drop-BG

- Troj/Drop-BG at Sophos

...

Troj/FakeVir-GV

- Troj/FakeVir-GV at Sophos

...

Troj/FakeAV-FP

- Troj/FakeAV-FP at Sophos

...

Mal/BHO-N

- Mal/BHO-N at Sophos

...

Mal/EncPk-FR

- Mal/EncPk-FR at Sophos

...

Mal/Zlob-AA

- Mal/Zlob-AA at Sophos

...

Troj/Agent-IBT

- Troj/Agent-IBT at Sophos

...

Troj/AgLght-A

- Troj/AgLght-A at Sophos

...

Troj/Bckdr-QQE

- Troj/Bckdr-QQE at Sophos

Troj/Bckdr-QQE is a Trojan for the Windows platform.
...

PWS-Gamania.gen.c!E918AB27

- PWS-Gamania.gen.c!E918AB27 at McAfee

File Property: Property Value
- FileName: tta584~1.exe
- McAfee Detection: PWS-Gamania.gen.c
- Length: 106,299 bytes
- CRC: E918AB27
- MD5: DA87639E0018697C320981E6F475931E
- SHA1: B57A00CBC18D41C6B690D7FBF8D4F6B2A4FEEDFE
Other Common Detection Aliases (Company Name: Detection Name)
- Avira: TR/Crypt.XPACK.Gen
- BitDefender: Packer.Malware.NSAnti.1
- FortiNet: Suspicious
- F-Prot: W32/Onlin...

PWS-OnlineGames.cp!915D565C

- PWS-OnlineGames.cp!915D565C at McAfee

File Property: Property Value
- FileName: zz.exe
- McAfee Detection: PWS-OnlineGames.cp
- Length: 122,116 bytes
- CRC: 915D565C
- MD5: B8708D4C8ABB554CB7A12DBC0FAA03A1
- SHA1: 5DD4670011391774F78B1685EF4CCA329572C279
Other Common Detection Aliases (Company Name: Detection Name)
- microsoft: trojandropper:win32/frethog
- Symantec: W32.Gammima.AG
Avert® Labs has observed the follo...

Generic Downloader.x!AFFF0BCD

- Generic Downloader.x!AFFF0BCD at McAfee

File Property: Property Value
- FileName: a.exe
- McAfee Detection: Generic Downloader.x
- Length: 60,932 bytes
- CRC: AFFF0BCD
- MD5: 2F65F8C98888978596CC32A7911B4E71
- SHA1: A9882C105FFE6059048A5AB3962EF6DFDD240C80
Other Common Detection Aliases (Company Name: Detection Name)
- avast: Win32:Trojan-gen {Other}
- AVG (GriSoft): SHeur.CLEV
- Avira: TR/Obfuscated.vfp
- eSafe (Alladin): Suspic...

Generic.dx!A8826717

- Generic.dx!A8826717 at McAfee

Avert® Labs has observed the following system activities:
Activity: Risk Level
- Registers DLLs: Informational
System Changes
These are general defaults for typical path variables. (Although they may differ, these examples are common.):
- %WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
- %SystemDir% = \WINDOWS\SYSTEM (Windo...

W32/Wplugin!E6D00D3B

- W32/Wplugin!E6D00D3B at McAfee

File Property: Property Value
- FileName: d4f711~1.exe
- McAfee Detection: W32/Wplugin
- Length: 2,019,811 bytes
- CRC: E6D00D3B
- MD5: EA052A259525ECF5CF2CA07508271C97
- SHA1: D751C5B3119D8C150D33D2636AE6233D63441B46
Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): agent.4.g
- Kaspersky: Trojan-Spy.Win32.Agent.eqi
- microsoft: virus:win32/slugin.a
- norman: w3...

W32/Wplugin!CE14BB6D

- W32/Wplugin!CE14BB6D at McAfee

File Property: Property Value
- FileName: acfdd9~1.exe
- McAfee Detection: W32/Wplugin
- Length: 132,727 bytes
- CRC: CE14BB6D
- MD5: F5323A42F160ED436E8852A2488F8894
- SHA1: FB2189BF993B6823EEFDF13F17F6E0AECD0D8E81
Other Common Detection Aliases (Company Name: Detection Name)
- Kaspersky: Trojan-Dropper.Win32.Agent.yat
- microsoft: virus:win32/slugin.a
- norman: sandbox: w32/agent.iyj...

W32/Wplugin!E4923C0F

- W32/Wplugin!E4923C0F at McAfee

File Property: Property Value
- FileName: winhos~1.exe
- McAfee Detection: W32/Wplugin
- Length: 864,739 bytes
- CRC: E4923C0F
- MD5: 79C28AC645BEB57C4AA9A5F9BF738581
- SHA1: FF58549FE681628EAECE11D772F465C019621ACA
Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): generic_c.zke
- Kaspersky: Backdoor.Win32.ceBot.c
- microsoft: virus:win32/slugin.a
- norman: sand...

Generic AdClicker.d!D9A8A1AD

- Generic AdClicker.d!D9A8A1AD at McAfee

File Property: Property Value
- FileName: 54e9c4~1.exe
- McAfee Detection: Generic AdClicker.d
- Length: 40,450 bytes
- CRC: D9A8A1AD
- MD5: 2307D60A6C0276CF205E3085DDA19062
- SHA1: C3B487ED0CAC3F3C2F14C9AC7BF6647905F764A2
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win32/NSAnti.suspicious
- AVG (GriSoft): Clicker.TJQ
- Avira: TR/Crypt.ULPM.Gen
- BitDefender: Tro...

Puper!95CA0F76

- Puper!95CA0F76 at McAfee

File Property: Property Value
- FileName: 3ce7a5~1.exe
- McAfee Detection: Puper
- Length: 20,480 bytes
- CRC: 95CA0F76
- MD5: C2CF4A1245DB7DAA679ACAB4CFA74D21
- SHA1: 1E704B91D41CF7BEA0453F43CD2217AC562F1956
Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): downloader.zlob.afpi
- Avira: TR/Dropper.Gen
- EMSI Software: Virus.Win32.Zlob.AJG!IK
- Eset: Win32/Troja...

Generic FakeAlert.a!42F9C9CA

- Generic FakeAlert.a!42F9C9CA at McAfee

File Property: Property Value
- FileName: brastk.exe
- McAfee Detection: Generic FakeAlert.a
- Length: 10,240 bytes
- CRC: 42F9C9CA
- MD5: 55E12BDA8167AE95DC13B3ADA76684D9
- SHA1: E9A2654F5FB41D37E6389F30110BB1B32535C072
Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): sheur.crco
- BitDefender: Packer.Malware.Lighty.O
- Dr.Web: Trojan.Packed.1208
- Kaspersky: H...

Generic Dropper!A99565CD

- Generic Dropper!A99565CD at McAfee

File Property: Property Value
- FileName: e25328.exe
- McAfee Detection: Generic Dropper
- Length: 1,515,975 bytes
- CRC: A99565CD
- MD5: 552EEA5A98F30024F6246577FC662BFE
- SHA1: 6F6073DB36292A4F0BE61901AFFBDCF2F4412DA5
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Xema.variant
- avast: Win32:Trojan-gen {Other}
- AVG (GriSoft): SHeur.CLAN
- BitDefender...

Generic Downloader.x!42F9C9CA

- Generic Downloader.x!42F9C9CA at McAfee

File Property: Property Value
- FileName: brastk.exe
- McAfee Detection: Generic Downloader.x
- Length: 10,240 bytes
- CRC: 42F9C9CA
- MD5: 55E12BDA8167AE95DC13B3ADA76684D9
- SHA1: E9A2654F5FB41D37E6389F30110BB1B32535C072
Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): sheur.crco
- BitDefender: Packer.Malware.Lighty.O
- Dr.Web: Trojan.Packed.1208
- microsoft...

TROJ_GAMETHI.DDV

- TROJ_GAMETHI.DDV at Trend Micro

This Trojan may arrive bundled with malware packages as a malware component. It may arrive as a .DLL file that
exports functions used by other malware. It is a component file of TSPY_LINEAGE/WORM_LINEAGE variants in their
malicious routines. It is used by other malware for its information theft. However, it requires its main
component...

TROJ_ZBOT.AJR

- TROJ_ZBOT.AJR at Trend Micro

This Trojan arrives as a file downloaded from a certain URL. Upon execution, it drops a copy of itself and its
components in the system. It modifies the system registry to enable its automatic execution at every system
startup. It then attempts to access a certain Web site to download its configuration file. The said file
contains info...

Troj/Agent-ICM

- Troj/Agent-ICM at Sophos

Troj/Agent-ICM is a Trojan for the Windows platform. When run, the Trojan copies itself to:
<Application Data>\Facegame\Facegame.exe
Troj/Agent-ICM sets the following registry entry:
HKCU\Software\Microsoft\CurrentVersion\Run ...

Troj/Agent-ICN

- Troj/Agent-ICN at Sophos

...

Troj/Bankr-C

- Troj/Bankr-C at Sophos

Troj/Bankr-C is a banking Trojan for the Windows platform. When run, the
Trojan modifies the host file to point certain banking URLs to a remote site hosting a phishing site.
...

Troj/Dloadr-BXM

- Troj/Dloadr-BXM at Sophos

...

Troj/DwnLdr-HJV

- Troj/DwnLdr-HJV at Sophos

...

Troj/Spy-BH

- Troj/Spy-BH at Sophos

...

W32/Yahlov-A

- W32/Yahlov-A at Sophos

W32/Yahlov-A is a worm for the Windows platform. W32/Yahlov-A spreads by
copying itself to network shares and removable drives. W32/Yahlov-A copies itself to
the root folder of removable drives with a randomly generated filename and creates an autorun.inf file in the
root fold...

Mal/Zlob-AC

- Mal/Zlob-AC at Sophos

Mal/Zlob-AC is a malicious program for the Windows platform. Detection for
members of Mal/Zlob-AC is behavior based. It is extremely important that customers report detections of
Mal/Zlob-AC to Sophos and send a sample for analysis.
...

Troj/Dwnldr-HJU

- Troj/Dwnldr-HJU at Sophos

Troj/Dwnldr-HJU is a Trojan for the Windows platform. Troj/Dwnldr-HJU
attempts to download an executable file from a remote website. Troj/Dwnldr-HJU copies
the executable file as <Windows>\N0tepad.exe and tries to execute it.
...

Troj/FakeAl-C

- Troj/FakeAl-C at Sophos

...

0 writebacks [10/31/2008 05:05] [] permanent link



Virus Malware and Threat News for 20081029



Trojan.Mournor

- Trojan.Mournor at Norton Symantec

Trojan.Mournor is a Trojan horse that modifies system files and drops other files on to the compromised
computer....

W32/Autorun.worm.gen!C625A473

- W32/Autorun.worm.gen!C625A473 at McAfee

File Property: Property Value
- FileName: 0x01xx8p.exe
- McAfee Detection: W32/Autorun.worm.gen
- Length: 25,210 bytes
- CRC: C625A473
- MD5: BE724D2B77FC35694C4CFBE71CF75AC5
- SHA1: A601C008C1514DD182FECC0A59198D91EA8B3692
Other Common Detection Aliases (Company Name: Detection Name)
- avast: Win32:Otwycal-D [Wrm]
- AVG (GriSoft): Win32/PolyCrypt
- Avira: Worm/Otwycal.G.34
- BitDefender: W...

FakeAlert-AB.gen.a!596D898A

- FakeAlert-AB.gen.a!596D898A at McAfee

File Property: Property Value
- FileName: av2009.exe
- McAfee Detection: FakeAlert-AB.gen.a
- Length: 1,267,200 bytes
- CRC: 596D898A
- MD5: 27ABA1A2680C121E152A381DF89C2205
- SHA1: 4980AF16076122437425A77A7CDEFB3F4375AA61
Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): generic11.bkkp
- microsoft: Trojan:Win32/FakeXPA
- Sophos: Mal/EncPk-CZ
Avert® Labs ...

Puper!4B2AAC85

- Puper!4B2AAC85 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic Downloader.x!AE5BF9C4

- Generic Downloader.x!AE5BF9C4 at McAfee

File Property: Property Value
- FileName: brastk.exe
- McAfee Detection: Generic Downloader.x
- Length: 10,240 bytes
- CRC: AE5BF9C4
- MD5: 4A1561373130FD79E95564B975233269
- SHA1: 37CE628BD7826C66F0BA4B4F3647798B8394355D
Other Common Detection Aliases (Company Name: Detection Name)
- avast: Win32:Lighty-B [Cryp]
- AVG (GriSoft): Agent.AHRO
- BitDefender: Packer.Malware.Lighty.N
- Dr.Web: T...

FakeAlert-AZ!88FB7A9D

- FakeAlert-AZ!88FB7A9D at McAfee

Avert® Labs has observed the following system activities:
Activity: Risk Level
- Registers DLLs: Informational
System Changes
These are general defaults for typical path variables. (Although they may differ, these examples are common.):
- %WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
- %SystemDir% = \WINDOWS\SYSTEM (Windo...

MySearch!31B356B0

- MySearch!31B356B0 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

PWS-OnlineGames.cp!44F30DC3

- PWS-OnlineGames.cp!44F30DC3 at McAfee

File Property: Property Value
- FileName: help.exe
- McAfee Detection: PWS-OnlineGames.cp
- Length: 112,388 bytes
- CRC: 44F30DC3
- MD5: 67D7721D01383CE392012620D857F655
- SHA1: 5A8E13D240116B8179E3EAE32C1E6372121C8004
Other Common Detection Aliases (Company Name: Detection Name)
- microsoft: trojandropper:win32/frethog
Avert® Labs has observed the following system activiti...

Spy-Agent.bw.gen.f!29855347

- Spy-Agent.bw.gen.f!29855347 at McAfee

File Property: Property Value
- FileName: !itw#16.exe
- McAfee Detection: Spy-Agent.bw.gen.f
- Length: 289,792 bytes
- CRC: 29855347
- MD5: D218E19CD4193A025F50DD177C28098F
- SHA1: C05CFF4A090E201639DC6D6C9E1CBDE4D407665B
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win32/IRCBot.worm.variant
- avast: Win32:Zbot-ALU [Trj]
- AVG (GriSoft): Pakes_c.SG
- Avira: TR/Spy...

W32/IRCbot.gen.a!0C3A2A49

- W32/IRCbot.gen.a!0C3A2A49 at McAfee

File Property: Property Value
- FileName: !itw#160.exe
- McAfee Detection: W32/IRCbot.gen.a
- Length: 49,156 bytes
- CRC: 0C3A2A49
- MD5: A230185AF1B502E296386C459A319FED
- SHA1: 9B7FF6B2B80DAE585690A5826D28D4638663E2A4
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Xema.variant
- avast: Win32:SlenfBot-B [Wrm]
- AVG (GriSoft): Generic10.AHZQ
- Avira: TR/V...

PWS-Gamania.gen.a!DF616118

- PWS-Gamania.gen.a!DF616118 at McAfee

File Property: Property Value
- FileName: !itw#48.exe
- McAfee Detection: PWS-Gamania.gen.a
- Length: 119,087 bytes
- CRC: DF616118
- MD5: 7CF877D92A31132F916B7995EB954D5F
- SHA1: A1D90B8CE9924ECC3AD362150D08403BD406C47C
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/MalPacked.Gen
- avast: Win32:Oliga [Trj]
- BitDefender: Packer.Malware.NSAnti.1
- clama...

PWS-Gamania.gen.a!FB13B1D3

- PWS-Gamania.gen.a!FB13B1D3 at McAfee

File Property: Property Value
- FileName: !itw#40.exe
- McAfee Detection: PWS-Gamania.gen.a
- Length: 165,180 bytes
- CRC: FB13B1D3
- MD5: 053233BB432129C1E23A6BB047AB298B
- SHA1: 4F903C1BA3D014F3CFDD7C19C03C88CCE7A137BF
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Vaklik.165180
- avast: Win32:Oliga [Trj]
- AVG (GriSoft): PSW.OnlineGames.AO
- BitDefen...

W32/Mondera!128060AA

- W32/Mondera!128060AA at McAfee

File Property: Property Value
- FileName: !itw#1.exe
- McAfee Detection: W32/Mondera
- Length: 20,992 bytes
- CRC: 128060AA
- MD5: 25893C6DC609C4D839A933AC3240651B
- SHA1: 56BA9F5A4DF9EF1835C7A90472601071B4A174DB
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win32/Slenping.worm.20992
- avast: Win32:Trojan-gen {Other}
- AVG (GriSoft): sheur.ccxj
- Avira: TR/Crypt.XP...

PWS-Gamania.gen.a!B0DACC50

- PWS-Gamania.gen.a!B0DACC50 at McAfee

File Property: Property Value
- FileName: !itw#574.exe
- McAfee Detection: PWS-Gamania.gen.a
- Length: 121,282 bytes
- CRC: B0DACC50
- MD5: 71585882A5FDF524E2B29A171B6B9A4E
- SHA1: F235ED1A89BC9CA2A8473D41879BD38F239E5B8F
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Autorun.121282
- avast: Win32:Oliga [Trj]
- AVG (GriSoft): PSW.OnlineGames.AZ
- BitDef...

PWS-Gamania.gen.a!C49AC825

- PWS-Gamania.gen.a!C49AC825 at McAfee

File Property: Property Value
- FileName: !itw#565.exe
- McAfee Detection: PWS-Gamania.gen.a
- Length: 122,422 bytes
- CRC: C49AC825
- MD5: 9547275C132BD5C83F9CD7BFE7B540B7
- SHA1: 13186E9D2BDCEC243D586B9A69A6EF2D50CAA771
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/OnlineGameHack.122422
- avast: Win32:Oliga [Trj]
- AVG (GriSoft): PSW.OnlineGames.A...

W32/Autorun.worm.h!25E2DBE2

- W32/Autorun.worm.h!25E2DBE2 at McAfee

File Property: Property Value
- FileName: !itw#425.exe
- McAfee Detection: W32/Autorun.worm.h
- Length: 33,280 bytes
- CRC: 25E2DBE2
- MD5: 6C97F6300325FC19D8C6B9B452C66A6B
- SHA1: 37C5D75001FC69F13AA5C7223612C455125551D4
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Autorun.33280.B
- avast: Win32:Trojan-gen {Other}
- AVG (GriSoft): Worm/Generic.IEH...

W32/Sdbot.worm.gen.ax!03FD5EEF

- W32/Sdbot.worm.gen.ax!03FD5EEF at McAfee

File Property: Property Value
- FileName: !itw#65.exe
- McAfee Detection: W32/Sdbot.worm.gen.ax
- Length: 71,680 bytes
- CRC: 03FD5EEF
- MD5: 48A50AF668BBB2EFD43B778D508FB388
- SHA1: 20C39DC42E062DCE3CA1303864EC68A01390CF99
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Agent.71680.BI
- avast: Win32:Spyware-gen [Trj]
- AVG (GriSoft): Worm/Delf.IBB
- Avi...

W32/Alcan.worm!p2p!B713E05F

- W32/Alcan.worm!p2p!B713E05F at McAfee

File Property: Property Value
- FileName: w3vb-dw.exe
- McAfee Detection: W32/Alcan.worm!p2p
- Length: 210,432 bytes
- CRC: B713E05F
- MD5: B420A430D733A3A1D8B27E71F78590E1
- SHA1: BB26160E4D6E64EDBE85E2B00A4884936AD624CA
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Dropper.210432
- avast: Win32:VB-IE [Wrm]
- AVG (GriSoft): Worm/Generic.AJW
- Avira: WOR...

Generic PWS.y!EC6698DC

- Generic PWS.y!EC6698DC at McAfee

File Property: Property Value
- FileName: !itw#57.exe
- McAfee Detection: Generic PWS.y
- Length: 122,135 bytes
- CRC: EC6698DC
- MD5: 122A914D0BCB7706E86597D0A57321A6
- SHA1: 3402998A9DA970C71D608CD20D2853E2EF63CD37
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Vaklik.122135
- avast: Win32:Oliga [Trj]
- AVG (GriSoft): PSW.OnlineGames.AO
- BitDefender: P...

W32/Mydoom.j@MM!7845FC07

- W32/Mydoom.j@MM!7845FC07 at McAfee

File Property: Property Value
- FileName: w3mydomj.exe
- McAfee Detection: W32/Mydoom.j@MM
- Length: 50,688 bytes
- CRC: 7845FC07
- MD5: 977ECF802EAFAB1C9139988DD6797EC0
- SHA1: 4038A6BA549EE6F4702FF8D9F3B55A06FFF4F862
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win32/MyDoom.worm.50688
- avast: Win32:Mydoom-J [Wrm]
- AVG (GriSoft): I-Worm/Mydoom.K
- Avira: Worm/M...

PWS-Gamania.gen.a!3ED828F0

- PWS-Gamania.gen.a!3ED828F0 at McAfee

File Property: Property Value
- FileName: !itw#442.exe
- McAfee Detection: PWS-Gamania.gen.a
- Length: 124,712 bytes
- CRC: 3ED828F0
- MD5: 91E5D151FED2A5DEF911F44B1DF7D180
- SHA1: 101D87CD55FB0B46503EE85354044B4F875EAED6
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/Magania.124712
- avast: Win32:Oliga [Trj]
- BitDefender: Trojan.PWS.OnlineGames.ZCX...

W32/Autorun.worm.bz.gen!A6FF18B5

- W32/Autorun.worm.bz.gen!A6FF18B5 at McAfee

File Property: Property Value
- FileName: rkeghh.exe
- McAfee Detection: W32/Autorun.worm.bz.gen
- Length: 420,104 bytes
- CRC: A6FF18B5
- MD5: 1E9A6AB6539FFCD757A94D7D2E7D11FD
- SHA1: E274AC0D2EDD157AF870B4F2DCFA264CE32E780A
Other Common Detection Aliases (Company Name: Detection Name)
- avast: Win32:Trojan-gen {Other}
- AVG (GriSoft): worm/autoit.ekw
- Avira: TR/Autoit.420098
- Dr.Web: Wi...

W32/Autorun.worm.bz.gen!E56B9EF8

- W32/Autorun.worm.bz.gen!E56B9EF8 at McAfee

File Property: Property Value
- FileName: jpxltb.exe
- McAfee Detection: W32/Autorun.worm.bz.gen
- Length: 419,856 bytes
- CRC: E56B9EF8
- MD5: E6F36676EFCEAEF3FC2086CFBA03874C
- SHA1: 56974E2892EFF7D956BFB8DEDA7479FD33F88FA1
Avert® Labs has observed the following system activities:
Activity: Risk Level
- Enumerates running processes: Medium
- Program often suspends itself: M...

W32/Autorun.worm.bz.gen!A4411FFF

- W32/Autorun.worm.bz.gen!A4411FFF at McAfee

File Property: Property Value
- FileName: cjtbhg.exe
- McAfee Detection: W32/Autorun.worm.bz.gen
- Length: 420,230 bytes
- CRC: A4411FFF
- MD5: A8D8CEC586604C83F00D3A8BCBD25E94
- SHA1: A456BB026F46DCEAE5E361FB3CBDE38A5D2B5CBB
Other Common Detection Aliases (Company Name: Detection Name)
- Symantec: W32.Harakit
Avert® Labs has observed the following system activities:
Activit...

Adware-Cinmus!4D08B1D2

- Adware-Cinmus!4D08B1D2 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

Cutwail.dll.gen!D9F27F40

- Cutwail.dll.gen!D9F27F40 at McAfee

File Property: Property Value
- FileName: browsers.exe
- McAfee Detection: Cutwail.dll.gen
- Length: 13,312 bytes
- CRC: D9F27F40
- MD5: AC15D26E52699DEB881855F39D3B252C
- SHA1: 2C02AB076F446C3EC92FA17218823A647B233FAB
Other Common Detection Aliases (Company Name: Detection Name)
- Dr.Web: Trojan.DownLoad.2077
- Kaspersky: Trojan-Downloader.Win32.Agent.ajiv
Avert® Labs has observed...

FakeAlert-AB!72FC94D3

- FakeAlert-AB!72FC94D3 at McAfee

File Property: Property Value
- FileName: lphcl4~1.exe
- McAfee Detection: FakeAlert-AB
- Length: 187,392 bytes
- CRC: 72FC94D3
- MD5: 7ABA499451D120B1B39AEF575D757016
- SHA1: 5F5B2229FFA6C58205875C27046DBB12236B5E56
Other Common Detection Aliases (Company Name: Detection Name)
- avast: Win32:Trojan-gen {Other}
- AVG (GriSoft): sheur.coya
- Avira: TR/Dldr.Small.affa
- BitDefender: Trojan.Fa...

PWS-Mmorpg.gen!08E44191

- PWS-Mmorpg.gen!08E44191 at McAfee

File Property: Property Value
- FileName: new10.exe
- McAfee Detection: PWS-Mmorpg.gen
- Length: 22,486 bytes
- CRC: 08E44191
- MD5: 12F94AEFD4F04FB86E1815C804558D63
- SHA1: 75293416A12829FC483082B5577EB2F34C2B2F22
Other Common Detection Aliases (Company Name: Detection Name)
- ahnlab: Win-Trojan/OnlineGameHack.21719
- AVG (GriSoft): PSW.OnlineGames.BELL
- Avira: TR/Spy.Gen
- clamav: Trojan...

Aidreden.A

- Aidreden.A at Panda

It deceives users making them think that their computer is infected and offering them a fake security program
that eliminates such threats. It does not spread automatically by its own means.
...

Troj/Wimad-K

- Troj/Wimad-K at Sophos

...

Troj/Agent-IBW

- Troj/Agent-IBW at Sophos

...

Troj/Dloadr-BXF

- Troj/Dloadr-BXF at Sophos

...

Troj/Dloadr-BXG

- Troj/Dloadr-BXG at Sophos

...

Troj/Zbot-AQ

- Troj/Zbot-AQ at Sophos

...

Mal/EncPk-FQ

- Mal/EncPk-FQ at Sophos

...

Troj/Agent-IBU

- Troj/Agent-IBU at Sophos

...

Troj/Agent-IBV

- Troj/Agent-IBV at Sophos

...

Troj/Dloadr-BXD

- Troj/Dloadr-BXD at Sophos

...

0 writebacks [10/30/2008 05:27] [] permanent link



Virus Malware and Threat News for 20081028



Trojan:Java/Konov.A

- Trojan:Java/Konov.A at F-Secure

Konov is a Java (J2ME) trojan. Konov will work on most phones capable of executing Java programs. Once
executed Konov will send SMS messages to premium rate numbers.
...

W32.Patched!gen

- W32.Patched!gen at Norton Symantec

W32.Patched!gen is a generic detection for system files infected or modified by a virus.
...

PWS-OnlineGames.cp!6E6BE430

- PWS-OnlineGames.cp!6E6BE430 at McAfee

File Property: Property Value
- FileName: zz.exe
- McAfee Detection: PWS-OnlineGames.cp
- Length: 123,652 bytes
- CRC: 6E6BE430
- MD5: F798F9442E923197893165A55328AEB2
- SHA1: C7F28E7391044419FB6CB319C8A597B70C57E9F8
Other Common Detection Aliases (Company Name: Detection Name)
- microsoft: trojandropper:win32/frethog
Avert® Labs has observed the following system activities...

PWS-OnlineGames.cp!77E25112

- PWS-OnlineGames.cp!77E25112 at McAfee

File Property: Property Value
- FileName: help.exe
- McAfee Detection: PWS-OnlineGames.cp
- Length: 112,388 bytes
- CRC: 77E25112
- MD5: 33136BA337A47FD78AE866387C25C535
- SHA1: 55A34D46AAFA4E343BB7B38E00235D30BD1DDDCD
Other Common Detection Aliases (Company Name: Detection Name)
- microsoft: trojandropper:win32/frethog
Avert® Labs has observed the following system activiti...

Downloader-AZN!72FEA1E9

- Downloader-AZN!72FEA1E9 at McAfee

File Property: Property Value
- FileName: 022.exe
- McAfee Detection: Downloader-AZN
- Length: 38,520 bytes
- CRC: 72FEA1E9
- MD5: 85304BE39BFC1994A996EDCD418710AB
- SHA1: E2BE926B769D4CEA60E4B6FEA30AAA5CACF0ED21
Other Common Detection Aliases (Company Name: Detection Name)
- avast: Win32:Agent-SIM
- AVG (GriSoft): worm/generic.ndw
- Avira: TR/Dropper.Gen
- BitDefender: Generic.Malware.SP!d...

Generic.dx!F47AD008

- Generic.dx!F47AD008 at McAfee

File Property: Property Value
- FileName: aclutil.exe
- McAfee Detection: Generic.dx
- Length: 255,855 bytes
- CRC: F47AD008
- MD5: 6B8E45FF927C9B7672E6D7475874F74F
- SHA1: CC232BAB5BAD369697FFF923045B05BFBB2DD4B3
Other Common Detection Aliases (Company Name: Detection Name)
- AVG (GriSoft): Win32/Mabezat
- Kaspersky: Worm.Win32.Mabezat.b
- Microsoft: Virus:win32/mabezat.b
- Sophos: W32/Mab...

Generic Downloader.x!72FC94D3

- Generic Downloader.x!72FC94D3 at McAfee

File Property: Property Value
- FileName: lphcl4~1.exe
- McAfee Detection: Generic Downloader.x
- Length: 187,392 bytes
- CRC: 72FC94D3
- MD5: 7ABA499451D120B1B39AEF575D757016
- SHA1: 5F5B2229FFA6C58205875C27046DBB12236B5E56
Other Common Detection Aliases (Company Name: Detection Name)
- Kaspersky: Trojan-Downloader.Win32.Small.affa
- Microsoft: TrojanDownloader:win32/renos.gen!aq...

Generic PUP.x!D15570C6

- Generic PUP.x!D15570C6 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security-minded or privacy-minded computer user may want to be
informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some
beneficial purpose, b...

Generic Dropper!F9D5CAB7

- Generic Dropper!F9D5CAB7 at McAfee

File Property: Property Value
- FileName: kiingimh.exe
- McAfee Detection: Generic Dropper
- Length: 167,936 bytes
- CRC: F9D5CAB7
- MD5: 8ACF759A0622A06E1264F832110CE660
- SHA1: 5A36E142ABFEAA4BCDFD56D97FFEC0EC8073DD1D
Other Common Detection Aliases (Company Name: Detection Name)
- Kaspersky: Trojan-Dropper.Win32.Agent.yjg
- Microsoft: TrojanDropper:win32/srizbi.gen!d
Avert® Labs ...

Downloader-ASH.dr!98C0D944

- Downloader-ASH.dr!98C0D944 at McAfee

File Property: Property Value
- FileName: u.exe
- McAfee Detection: Downloader-ASH.dr
- Length: 18,944 bytes
- CRC: 98C0D944
- MD5: CB1BE5717E370EE8E766D5E1CA1A4FBD
- SHA1: AC4E74B76E5F1EBADE0B81C5E37A419D46A9F060
Other Common Detection Aliases (Company Name: Detection Name)
- EMSI Software: Trojan-Downloader.Win32.Tibs!IK
- Microsoft: trojandownloader:win32/tibs
Avert® Labs has ob...

Troj/Agent-IBM

- Troj/Agent-IBM at Sophos

...

Troj/FakeAV-FM

- Troj/FakeAV-FM at Sophos

Troj/FakeAV-FM is a Trojan for the Windows platform. Troj/FakeAV-FM is a
fraudulent security product that bombards the user with fake alerts in an attempt to pester the user into
purchasing their software, if for no other reason, than to stop the barrage of popups.
Troj/FakeAV...

Troj/FakeAV-FN

- Troj/FakeAV-FN at Sophos

Troj/FakeAV-FN is a Trojan for the Windows platform. When Troj/FakeAV-FN is
installed the following files are created:
- <Current Folder>\delself.bat
- <System>\brastk.exe
- <System>\dllcache\beep.sys
- <System>\dllcache\figaro....

Troj/Renos-BH

- Troj/Renos-BH at Sophos

Troj/Renos-BH is a Trojan for the Windows platform. Troj/Renos-BH includes
functionality to access the internet and communicate with a remote server via HTTP.
Troj/Renos-BH downloads files with .gif extensions from multiple websites. These files are actually
executa...

Mal/Behav-302

- Mal/Behav-302 at Sophos

Mal/Behav-302 is a malicious program for the Windows platform. Detection
for members of Mal/Behav-302 is behavior based. It is extremely important that customers report detections of
Mal/Behav-302 to Sophos and send a sample for analysis.
...

Mal/Delf-P

- Mal/Delf-P at Sophos

...

Mal/Veneb-A

- Mal/Veneb-A at Sophos

...

Troj/Agent-IBE

- Troj/Agent-IBE at Sophos

...

Troj/Agent-IBK

- Troj/Agent-IBK at Sophos

...

Trojan.Mournor

- Trojan.Mournor at Norton Symantec

Trojan.Mournor is a Trojan horse that modifies system files and drops other files on to the compromised
computer....

W32/Autorun.worm.gen!C625A473

- W32/Autorun.worm.gen!C625A473 at McAfee

File PropertyProperty ValueFileName0x01xx8p.exeMcAfee DetectionW32/Autorun.worm.genLength25,210
bytesCRCC625A473MD5BE724D2B77FC35694C4CFBE71CF75AC5SHA1A601C008C1514DD182FECC0A59198D91EA8B3692Other Common
Detection AliasesCompany NameDetection NameavastWin32:Otwycal-D [Wrm]AVG
(GriSoft)Win32/PolyCryptAviraWorm/Otwycal.G.34BitDefenderW...

FakeAlert-AB.gen.a!596D898A

- FakeAlert-AB.gen.a!596D898A at McAfee

File Property | Property Value
FileName | av2009.exe
McAfee Detection | FakeAlert-AB.gen.a
Length | 1,267,200 bytes
CRC | 596D898A
MD5 | 27ABA1A2680C121E152A381DF89C2205
SHA1 | 4980AF16076122437425A77A7CDEFB3F4375AA61

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | generic11.bkkp
microsoft | Trojan:Win32/FakeXPA
Sophos | Mal/EncPk-CZ

Avert® Labs ...

Puper!4B2AAC85

- Puper!4B2AAC85 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic Downloader.x!AE5BF9C4

- Generic Downloader.x!AE5BF9C4 at McAfee

File Property | Property Value
FileName | brastk.exe
McAfee Detection | Generic Downloader.x
Length | 10,240 bytes
CRC | AE5BF9C4
MD5 | 4A1561373130FD79E95564B975233269
SHA1 | 37CE628BD7826C66F0BA4B4F3647798B8394355D

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Lighty-B [Cryp]
AVG (GriSoft) | Agent.AHRO
BitDefender | Packer.Malware.Lighty.N
Dr.Web | T...

FakeAlert-AZ!88FB7A9D

- FakeAlert-AZ!88FB7A9D at McAfee

Avert® Labs has observed the following system activities:
Activity | Risk Level
Registers DLLs | Informational

System Changes
These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
%SystemDir% = \WINDOWS\SYSTEM (Windo...

MySearch!31B356B0

- MySearch!31B356B0 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

PWS-OnlineGames.cp!44F30DC3

- PWS-OnlineGames.cp!44F30DC3 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 112,388 bytes
CRC | 44F30DC3
MD5 | 67D7721D01383CE392012620D857F655
SHA1 | 5A8E13D240116B8179E3EAE32C1E6372121C8004

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activiti...

Spy-Agent.bw.gen.f!29855347

- Spy-Agent.bw.gen.f!29855347 at McAfee

File Property | Property Value
FileName | !itw#16.exe
McAfee Detection | Spy-Agent.bw.gen.f
Length | 289,792 bytes
CRC | 29855347
MD5 | D218E19CD4193A025F50DD177C28098F
SHA1 | C05CFF4A090E201639DC6D6C9E1CBDE4D407665B

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/IRCBot.worm.variant
avast | Win32:Zbot-ALU [Trj]
AVG (GriSoft) | Pakes_c.SG
Avira | TR/Spy...

W32/IRCbot.gen.a!0C3A2A49

- W32/IRCbot.gen.a!0C3A2A49 at McAfee

File Property | Property Value
FileName | !itw#160.exe
McAfee Detection | W32/IRCbot.gen.a
Length | 49,156 bytes
CRC | 0C3A2A49
MD5 | A230185AF1B502E296386C459A319FED
SHA1 | 9B7FF6B2B80DAE585690A5826D28D4638663E2A4

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Xema.variant
avast | Win32:SlenfBot-B [Wrm]
AVG (GriSoft) | Generic10.AHZQ
Avira | TR/V...

PWS-Gamania.gen.a!DF616118

- PWS-Gamania.gen.a!DF616118 at McAfee

File Property | Property Value
FileName | !itw#48.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 119,087 bytes
CRC | DF616118
MD5 | 7CF877D92A31132F916B7995EB954D5F
SHA1 | A1D90B8CE9924ECC3AD362150D08403BD406C47C

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
BitDefender | Packer.Malware.NSAnti.1
clama...

PWS-Gamania.gen.a!FB13B1D3

- PWS-Gamania.gen.a!FB13B1D3 at McAfee

File Property | Property Value
FileName | !itw#40.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 165,180 bytes
CRC | FB13B1D3
MD5 | 053233BB432129C1E23A6BB047AB298B
SHA1 | 4F903C1BA3D014F3CFDD7C19C03C88CCE7A137BF

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Vaklik.165180
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AO
BitDefen...

W32/Mondera!128060AA

- W32/Mondera!128060AA at McAfee

File Property | Property Value
FileName | !itw#1.exe
McAfee Detection | W32/Mondera
Length | 20,992 bytes
CRC | 128060AA
MD5 | 25893C6DC609C4D839A933AC3240651B
SHA1 | 56BA9F5A4DF9EF1835C7A90472601071B4A174DB

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/Slenping.worm.20992
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | sheur.ccxj
Avira | TR/Crypt.XP...

PWS-Gamania.gen.a!B0DACC50

- PWS-Gamania.gen.a!B0DACC50 at McAfee

File Property | Property Value
FileName | !itw#574.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 121,282 bytes
CRC | B0DACC50
MD5 | 71585882A5FDF524E2B29A171B6B9A4E
SHA1 | F235ED1A89BC9CA2A8473D41879BD38F239E5B8F

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Autorun.121282
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
BitDef...

PWS-Gamania.gen.a!C49AC825

- PWS-Gamania.gen.a!C49AC825 at McAfee

File Property | Property Value
FileName | !itw#565.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 122,422 bytes
CRC | C49AC825
MD5 | 9547275C132BD5C83F9CD7BFE7B540B7
SHA1 | 13186E9D2BDCEC243D586B9A69A6EF2D50CAA771

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.122422
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.A...

W32/Autorun.worm.h!25E2DBE2

- W32/Autorun.worm.h!25E2DBE2 at McAfee

File Property | Property Value
FileName | !itw#425.exe
McAfee Detection | W32/Autorun.worm.h
Length | 33,280 bytes
CRC | 25E2DBE2
MD5 | 6C97F6300325FC19D8C6B9B452C66A6B
SHA1 | 37C5D75001FC69F13AA5C7223612C455125551D4

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Autorun.33280.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Worm/Generic.IEH...

W32/Sdbot.worm.gen.ax!03FD5EEF

- W32/Sdbot.worm.gen.ax!03FD5EEF at McAfee

File Property | Property Value
FileName | !itw#65.exe
McAfee Detection | W32/Sdbot.worm.gen.ax
Length | 71,680 bytes
CRC | 03FD5EEF
MD5 | 48A50AF668BBB2EFD43B778D508FB388
SHA1 | 20C39DC42E062DCE3CA1303864EC68A01390CF99

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Agent.71680.BI
avast | Win32:Spyware-gen [Trj]
AVG (GriSoft) | Worm/Delf.IBB
Avi...

W32/Alcan.worm!p2p!B713E05F

- W32/Alcan.worm!p2p!B713E05F at McAfee

File Property | Property Value
FileName | w3vb-dw.exe
McAfee Detection | W32/Alcan.worm!p2p
Length | 210,432 bytes
CRC | B713E05F
MD5 | B420A430D733A3A1D8B27E71F78590E1
SHA1 | BB26160E4D6E64EDBE85E2B00A4884936AD624CA

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Dropper.210432
avast | Win32:VB-IE [Wrm]
AVG (GriSoft) | Worm/Generic.AJW
Avira | WOR...

Generic PWS.y!EC6698DC

- Generic PWS.y!EC6698DC at McAfee

File Property | Property Value
FileName | !itw#57.exe
McAfee Detection | Generic PWS.y
Length | 122,135 bytes
CRC | EC6698DC
MD5 | 122A914D0BCB7706E86597D0A57321A6
SHA1 | 3402998A9DA970C71D608CD20D2853E2EF63CD37

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Vaklik.122135
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AO
BitDefender | P...

W32/Mydoom.j@MM!7845FC07

- W32/Mydoom.j@MM!7845FC07 at McAfee

File Property | Property Value
FileName | w3mydomj.exe
McAfee Detection | W32/Mydoom.j@MM
Length | 50,688 bytes
CRC | 7845FC07
MD5 | 977ECF802EAFAB1C9139988DD6797EC0
SHA1 | 4038A6BA549EE6F4702FF8D9F3B55A06FFF4F862

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/MyDoom.worm.50688
avast | Win32:Mydoom-J [Wrm]
AVG (GriSoft) | I-Worm/Mydoom.K
Avira | Worm/M...

PWS-Gamania.gen.a!3ED828F0

- PWS-Gamania.gen.a!3ED828F0 at McAfee

File Property | Property Value
FileName | !itw#442.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 124,712 bytes
CRC | 3ED828F0
MD5 | 91E5D151FED2A5DEF911F44B1DF7D180
SHA1 | 101D87CD55FB0B46503EE85354044B4F875EAED6

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Magania.124712
avast | Win32:Oliga [Trj]
BitDefender | Trojan.PWS.OnlineGames.ZCX...

W32/Autorun.worm.bz.gen!A6FF18B5

- W32/Autorun.worm.bz.gen!A6FF18B5 at McAfee

File Property | Property Value
FileName | rkeghh.exe
McAfee Detection | W32/Autorun.worm.bz.gen
Length | 420,104 bytes
CRC | A6FF18B5
MD5 | 1E9A6AB6539FFCD757A94D7D2E7D11FD
SHA1 | E274AC0D2EDD157AF870B4F2DCFA264CE32E780A

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | worm/autoit.ekw
Avira | TR/Autoit.420098
Dr.Web | Wi...

W32/Autorun.worm.bz.gen!E56B9EF8

- W32/Autorun.worm.bz.gen!E56B9EF8 at McAfee

File Property | Property Value
FileName | jpxltb.exe
McAfee Detection | W32/Autorun.worm.bz.gen
Length | 419,856 bytes
CRC | E56B9EF8
MD5 | E6F36676EFCEAEF3FC2086CFBA03874C
SHA1 | 56974E2892EFF7D956BFB8DEDA7479FD33F88FA1

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Program often suspends itself | M...

W32/Autorun.worm.bz.gen!A4411FFF

- W32/Autorun.worm.bz.gen!A4411FFF at McAfee

File Property | Property Value
FileName | cjtbhg.exe
McAfee Detection | W32/Autorun.worm.bz.gen
Length | 420,230 bytes
CRC | A4411FFF
MD5 | A8D8CEC586604C83F00D3A8BCBD25E94
SHA1 | A456BB026F46DCEAE5E361FB3CBDE38A5D2B5CBB

Other Common Detection Aliases
Company Name | Detection Name
Symantec | W32.Harakit

Avert® Labs has observed the following system activities:
Activit...

Adware-Cinmus!4D08B1D2

- Adware-Cinmus!4D08B1D2 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

Cutwail.dll.gen!D9F27F40

- Cutwail.dll.gen!D9F27F40 at McAfee

File Property | Property Value
FileName | browsers.exe
McAfee Detection | Cutwail.dll.gen
Length | 13,312 bytes
CRC | D9F27F40
MD5 | AC15D26E52699DEB881855F39D3B252C
SHA1 | 2C02AB076F446C3EC92FA17218823A647B233FAB

Other Common Detection Aliases
Company Name | Detection Name
Dr.Web | Trojan.DownLoad.2077
Kaspersky | Trojan-Downloader.Win32.Agent.ajiv

Avert® Labs has observed...

FakeAlert-AB!72FC94D3

- FakeAlert-AB!72FC94D3 at McAfee

File Property | Property Value
FileName | lphcl4~1.exe
McAfee Detection | FakeAlert-AB
Length | 187,392 bytes
CRC | 72FC94D3
MD5 | 7ABA499451D120B1B39AEF575D757016
SHA1 | 5F5B2229FFA6C58205875C27046DBB12236B5E56

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | sheur.coya
Avira | TR/Dldr.Small.affa
BitDefender | Trojan.Fa...

PWS-Mmorpg.gen!08E44191

- PWS-Mmorpg.gen!08E44191 at McAfee

File Property | Property Value
FileName | new10.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 22,486 bytes
CRC | 08E44191
MD5 | 12F94AEFD4F04FB86E1815C804558D63
SHA1 | 75293416A12829FC483082B5577EB2F34C2B2F22

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.21719
AVG (GriSoft) | PSW.OnlineGames.BELL
Avira | TR/Spy.Gen
clamav | Trojan...

Aidreden.A

- Aidreden.A at Panda

It deceives users, making them think that their computer is infected and offering them a fake security program
that eliminates such threats. It does not spread automatically by its own means.
...

Troj/Wimad-K

- Troj/Wimad-K at Sophos

...

Troj/Agent-IBW

- Troj/Agent-IBW at Sophos

...

Troj/Dloadr-BXF

- Troj/Dloadr-BXF at Sophos

...

Troj/Dloadr-BXG

- Troj/Dloadr-BXG at Sophos

...

Troj/Zbot-AQ

- Troj/Zbot-AQ at Sophos

...

Mal/EncPk-FQ

- Mal/EncPk-FQ at Sophos

...

Troj/Agent-IBU

- Troj/Agent-IBU at Sophos

...

Troj/Agent-IBV

- Troj/Agent-IBV at Sophos

...

Troj/Dloadr-BXD

- Troj/Dloadr-BXD at Sophos

...

[10/29/2008 05:07]



Virus Malware and Threat News for 20081027



PWS-OnlineGames.cp!FDC0E463

- PWS-OnlineGames.cp!FDC0E463 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 121,092 bytes
CRC | FDC0E463
MD5 | 1EC5F11023D1440177FBC83512DAFC39
SHA1 | AF22227DB63D7598251A79A4EE500456125FA077

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activities...

PWS-OnlineGames.cp!ADDD6CB8

- PWS-OnlineGames.cp!ADDD6CB8 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 110,340 bytes
CRC | ADDD6CB8
MD5 | CD284C0E75401761E5D5B7EFDAF497BF
SHA1 | 2E6536A26D37F309DDAE809FFC00DEEBD301C554

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activiti...

PWS-OnlineGames.cp!EF8DA9ED

- PWS-OnlineGames.cp!EF8DA9ED at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 121,092 bytes
CRC | EF8DA9ED
MD5 | B5BA1115E1944C19186A389BB5062BAB
SHA1 | CE39CC316736F9AF18146BC42DD6C762D2D6AA33

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activities...

PWS-OnlineGames.cp!9576F8D6

- PWS-OnlineGames.cp!9576F8D6 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 111,364 bytes
CRC | 9576F8D6
MD5 | E5E235DA2BC200AEDC2E62D8C220F433
SHA1 | 337DD688F2C2CE40912ADA6DB8068FA7374BC3B2

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows fold...

Troj/Agent-IAL

- Troj/Agent-IAL at Sophos

...

Troj/Agent-IBA

- Troj/Agent-IBA at Sophos

...

Troj/Agent-IBC

- Troj/Agent-IBC at Sophos

...

Troj/Bckdr-QQB

- Troj/Bckdr-QQB at Sophos

...

Troj/DwnLdr-HJR

- Troj/DwnLdr-HJR at Sophos

Troj/DwnLdr-HJR is a Trojan for the Windows platform. Troj/DwnLdr-HJR
includes functionality to access the internet and communicate with a remote server via HTTP.
When first run, Troj/DwnLdr-HJR creates the following file:
<System>\CbEvtSvc.exe ...

Troj/FakeVir-GS

- Troj/FakeVir-GS at Sophos

...

Troj/OnLineG-BJ

- Troj/OnLineG-BJ at Sophos

Troj/OnLineG-BJ is a Trojan for the Windows platform. When first run
Troj/OnLineG-BJ copies itself to <Windows>\help\EB6C4499B05F.exe and creates the following files:
<Root>\1.hiv <Root>\2.hiv <Current Folder>\2.bat
<...

Troj/PDFex-AD

- Troj/PDFex-AD at Sophos

...

Troj/Skintrim-D

- Troj/Skintrim-D at Sophos

...

Trojan:Java/Konov.A

- Trojan:Java/Konov.A at F-Secure

Konov is a Java (J2ME) trojan. Konov will work on most phones capable of executing Java programs. Once
executed Konov will send SMS messages to premium rate numbers.
...

W32.Patched!gen

- W32.Patched!gen at Norton Symantec

W32.Patched!gen is a generic detection for system files infected or modified by a virus.
...

PWS-OnlineGames.cp!6E6BE430

- PWS-OnlineGames.cp!6E6BE430 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 123,652 bytes
CRC | 6E6BE430
MD5 | F798F9442E923197893165A55328AEB2
SHA1 | C7F28E7391044419FB6CB319C8A597B70C57E9F8

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activities...

PWS-OnlineGames.cp!77E25112

- PWS-OnlineGames.cp!77E25112 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 112,388 bytes
CRC | 77E25112
MD5 | 33136BA337A47FD78AE866387C25C535
SHA1 | 55A34D46AAFA4E343BB7B38E00235D30BD1DDDCD

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activiti...

Downloader-AZN!72FEA1E9

- Downloader-AZN!72FEA1E9 at McAfee

File Property | Property Value
FileName | 022.exe
McAfee Detection | Downloader-AZN
Length | 38,520 bytes
CRC | 72FEA1E9
MD5 | 85304BE39BFC1994A996EDCD418710AB
SHA1 | E2BE926B769D4CEA60E4B6FEA30AAA5CACF0ED21

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-SIM
AVG (GriSoft) | worm/generic.ndw
Avira | TR/Dropper.Gen
BitDefender | Generic.Malware.SP!d...

Generic.dx!F47AD008

- Generic.dx!F47AD008 at McAfee

File Property | Property Value
FileName | aclutil.exe
McAfee Detection | Generic.dx
Length | 255,855 bytes
CRC | F47AD008
MD5 | 6B8E45FF927C9B7672E6D7475874F74F
SHA1 | CC232BAB5BAD369697FFF923045B05BFBB2DD4B3

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | Win32/Mabezat
Kaspersky | Worm.Win32.Mabezat.b
Microsoft | Virus:win32/mabezat.b
Sophos | W32/Mab...

Generic Downloader.x!72FC94D3

- Generic Downloader.x!72FC94D3 at McAfee

File Property | Property Value
FileName | lphcl4~1.exe
McAfee Detection | Generic Downloader.x
Length | 187,392 bytes
CRC | 72FC94D3
MD5 | 7ABA499451D120B1B39AEF575D757016
SHA1 | 5F5B2229FFA6C58205875C27046DBB12236B5E56

Other Common Detection Aliases
Company Name | Detection Name
Kaspersky | Trojan-Downloader.Win32.Small.affa
Microsoft | TrojanDownloader:win32/renos.gen!aq...

Generic PUP.x!D15570C6

- Generic PUP.x!D15570C6 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security-minded or privacy-minded computer user may want to be
informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some
beneficial purpose, b...

Generic Dropper!F9D5CAB7

- Generic Dropper!F9D5CAB7 at McAfee

File Property | Property Value
FileName | kiingimh.exe
McAfee Detection | Generic Dropper
Length | 167,936 bytes
CRC | F9D5CAB7
MD5 | 8ACF759A0622A06E1264F832110CE660
SHA1 | 5A36E142ABFEAA4BCDFD56D97FFEC0EC8073DD1D

Other Common Detection Aliases
Company Name | Detection Name
Kaspersky | Trojan-Dropper.Win32.Agent.yjg
Microsoft | TrojanDropper:win32/srizbi.gen!d

Avert® Labs ...

Downloader-ASH.dr!98C0D944

- Downloader-ASH.dr!98C0D944 at McAfee

File Property | Property Value
FileName | u.exe
McAfee Detection | Downloader-ASH.dr
Length | 18,944 bytes
CRC | 98C0D944
MD5 | CB1BE5717E370EE8E766D5E1CA1A4FBD
SHA1 | AC4E74B76E5F1EBADE0B81C5E37A419D46A9F060

Other Common Detection Aliases
Company Name | Detection Name
EMSI Software | Trojan-Downloader.Win32.Tibs!IK
Microsoft | trojandownloader:win32/tibs

Avert® Labs has ob...

Troj/Agent-IBM

- Troj/Agent-IBM at Sophos

...

Troj/FakeAV-FM

- Troj/FakeAV-FM at Sophos

Troj/FakeAV-FM is a Trojan for the Windows platform. Troj/FakeAV-FM is a
fraudulent security product that bombards the user with fake alerts in an attempt to pester the user into
purchasing their software, if for no other reason, than to stop the barrage of popups.
Troj/FakeAV...

Troj/FakeAV-FN

- Troj/FakeAV-FN at Sophos

Troj/FakeAV-FN is a Trojan for the Windows platform. When Troj/FakeAV-FN is
installed the following files are created: <Current Folder>\delself.bat
<System>\brastk.exe <System>\dllcache\beep.sys
<System>\dllcache\figaro....

Troj/Renos-BH

- Troj/Renos-BH at Sophos

Troj/Renos-BH is a Trojan for the Windows platform. Troj/Renos-BH includes
functionality to access the internet and communicate with a remote server via HTTP.
Troj/Renos-BH downloads files with .gif extensions from multiple websites. These files are actually
executa...

Mal/Behav-302

- Mal/Behav-302 at Sophos

Mal/Behav-302 is a malicious program for the Windows platform. Detection
for members of Mal/Behav-302 is behavior based. It is extremely important that customers report detections of
Mal/Behav-302 to Sophos and send a sample for analysis.
...

Mal/Delf-P

- Mal/Delf-P at Sophos

...

Mal/Veneb-A

- Mal/Veneb-A at Sophos

...

Troj/Agent-IBE

- Troj/Agent-IBE at Sophos

...

Troj/Agent-IBK

- Troj/Agent-IBK at Sophos

...

[10/28/2008 05:08]



Virus Malware and Threat News for 20081026



W32.Slugin.A!inf

- W32.Slugin.A!inf at Norton Symantec

W32.Slugin.A!inf is a detection for files infected with W32.Slugin.A.
...

W32.Slugin.A

- W32.Slugin.A at Norton Symantec

W32.Slugin.A is a virus that opens a back door and spreads by infecting executable files found on all drives
accessible from the compromised computer.
...

Trojan.Fakeavalert.B

- Trojan.Fakeavalert.B at Norton Symantec

Trojan.Fakeavalert.B is a Trojan horse that registers itself as a Browser Helper Object on the compromised
computer....

Trojan.Gimmiv.A

- Trojan.Gimmiv.A at Norton Symantec

Trojan.Gimmiv.A is a Trojan horse that opens a back door, attempts to exploit remote vulnerabilities and may
steal information from the compromised computer.
...

PWS-Mmorpg.gen!A452545B

- PWS-Mmorpg.gen!A452545B at McAfee

File Property | Property Value
FileName | new14.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 11,112 bytes
CRC | A452545B
MD5 | 391B668E28968934F4B3C6BB4914508D
SHA1 | 8ECA95718DCF3D8610F3EB1B777E6C15097315EE

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | psw.onlinegames.bemn
Avira | TR/Dropper.Gen
BitDefender | Dropped:Generic.Malware.gPWS.15452...

PWS-QQGame!52FED84A

- PWS-QQGame!52FED84A at McAfee

File Property | Property Value
FileName | new32.exe
McAfee Detection | PWS-QQGame
Length | 31,869 bytes
CRC | 52FED84A
MD5 | C80F87289C1D6FE588B25C3A6245EA5B
SHA1 | E495A549E373C4B19CBBFEAA4688FB1569252195

Other Common Detection Aliases
Company Name | Detection Name
microsoft | pws:win32/lmir.fh

Avert® Labs has observed the following system activities:
Activity | Risk Le...

PWS-Mmorpg.gen!C3BB1368

- PWS-Mmorpg.gen!C3BB1368 at McAfee

File Property | Property Value
FileName | new1.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 19,993 bytes
CRC | C3BB1368
MD5 | 750CBDDF7743D30E00E6007DC269872D
SHA1 | 9A13D4944B53205748FEAA18D9812D609E2D9870

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | psw.onlinegames.bcgj
Avi...

PWS-OnlineGames.cp!3C6DBBCE

- PWS-OnlineGames.cp!3C6DBBCE at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 121,092 bytes
CRC | 3C6DBBCE
MD5 | 87140189A40D2EAE46D24A16DDCD91A8
SHA1 | DCDB195E365E20815F5828F0AEBFB441C1298E82

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows folder...

PWS-OnlineGames.cp!11F4DC50

- PWS-OnlineGames.cp!11F4DC50 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 110,852 bytes
CRC | 11F4DC50
MD5 | D25AFD8286923F424AE685063B3E747A
SHA1 | 9A556A6AF118CFF0FDCEABA25128EF530ACBCC44

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows fold...

PWS-OnlineGames.cp!A69100A9

- PWS-OnlineGames.cp!A69100A9 at McAfee

...

PWS-OnlineGames.cp!96978293

- PWS-OnlineGames.cp!96978293 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 119,556 bytes
CRC | 96978293
MD5 | 452F3ABEA36D046B8444D818DB1C2C15
SHA1 | 557E23552F75BF3E0CA1E7641FBAED5CB520DCA5

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows folder...

Boaxxe.dr!47ACB927

- Boaxxe.dr!47ACB927 at McAfee

File Property | Property Value
FileName | crack_~1.exe
McAfee Detection | Boaxxe.dr
Length | 120,832 bytes
CRC | 47ACB927
MD5 | 8DB914672F063663CF061CDE5460078A
SHA1 | B3AD6E026C225B449BAA4BDBD21BCDC39399BBF9

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates open windows | Medium
Enumerates running processes | Medium
Uses shared m...

Generic PWS.y!F1684D85

- Generic PWS.y!F1684D85 at McAfee

File Property | Property Value
FileName | ntos.exe
McAfee Detection | Generic PWS.y
Length | 441,344 bytes
CRC | F1684D85
MD5 | 1B2E1DB878A8ECD62E5AA052D91BBD80
SHA1 | 7BC51D686B92FE4E005B00FE3277FE951888D424

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Zbot-gen
Avira | TR/Dropper.Gen
BitDefender | Trojan.Spy.Zeus.1.Gen
Dr.Web | Trojan.Packed.511
F-Pro...

Generic Downloader.x!B0DFB8CA

- Generic Downloader.x!B0DFB8CA at McAfee

File Property | Property Value
FileName | vedxg6~1.exe
McAfee Detection | Generic Downloader.x
Length | 88,064 bytes
CRC | B0DFB8CA
MD5 | F5C65170BC4DE510ECAE9F57640189B9
SHA1 | 87D98201F28794AEA592880986BDCF27B658168C

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | downloader.small.epc
BitDefender | Trojan.Peed.JUX
Kaspersky | Trojan-Downloader.Wi...

Generic.dx!2BAB8A7A

- Generic.dx!2BAB8A7A at McAfee

File Property | Property Value
FileName | dlds2.exe
McAfee Detection | Generic.dx
Length | 20,282 bytes
CRC | 2BAB8A7A
MD5 | 3AE29C1A5FB9D8E852148F12DB369CF1
SHA1 | 98CF798C10F66C997A0CDBE225DF8D0F280EE3D0

Other Common Detection Aliases
Company Name | Detection Name
Microsoft | trojan:win32/tibs.gen!j
Norman | w32/smalldrp.ansz
Sophos | Mal/Dorf-D

Avert® Labs has observed the f...

Generic.dx!CE21E1E0

- Generic.dx!CE21E1E0 at McAfee

File Property | Property Value
FileName | 515863~1.exe
McAfee Detection | Generic.dx
Length | 72,704 bytes
CRC | CE21E1E0
MD5 | 869EF8557E9A287375DCB658388DE16D
SHA1 | 856AFF692A49DF1D4002A975248CEFC552002083

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-ABKC
Avira | TR/Agent.wyi.1

Avert® Labs has observed the following system activities:
A...

WORM_AUTORUN.PB

- WORM_AUTORUN.PB at Trend Micro

This worm arrives as an attachment to email messages spammed by another malware or a malicious user. It may be
dropped by other malware. It creates registry entries to enable its automatic execution at every system startup.
It drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute
dropped cop...

WORM_GIMMIV.A

- WORM_GIMMIV.A at Trend Micro

This worm is usually downloaded by TSPY_GIMMIV.A. It may be downloaded from Web sites by zero-day exploits of
a discovered vulnerability in certain Microsoft operating systems. More information on this vulnerability can
be found on the following pages:
Microsoft Security Bulletin MS08-067
(MS08-067) Vulnerability in Server Service Coul...

TROJ_VB.JBI

- TROJ_VB.JBI at Trend Micro

...

MS08-067

- MS08-067 at Panda

It is a critical vulnerability in the Windows Server Service on Windows 2008/Vista/2003/XP/2000 computers,
which allows hackers to gain remote control of the affected computer with the same privileges as the logged on
user....

Gimmiv.A

- Gimmiv.A at Panda

It exploits the vulnerability MS08-067 in the Windows Server Service in order to steal all types of
information about the affected user and computer, such as passwords, security patches installed in the system,
etc. It does not spread automatically by its own means.
...

Troj/Agent-IBB

- Troj/Agent-IBB at Sophos

...

Troj/Swizzor-OJ

- Troj/Swizzor-OJ at Sophos

...

Troj/Agent-IAZ

- Troj/Agent-IAZ at Sophos

...

Troj/Agent-IAX

- Troj/Agent-IAX at Sophos

Troj/Agent-IAX is a Trojan for the Windows platform. When first run
Troj/Agent-IAX copies itself to <System>\rs32net.exe. The following registry
entry is created to run rs32net.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ...

Troj/Bckdr-QQA

- Troj/Bckdr-QQA at Sophos

...

Troj/FakeAle-IY

- Troj/FakeAle-IY at Sophos

Troj/FakeAle-IY is a Trojan for the Windows platform. When Troj/FakeAle-IY
is installed the following files are created: <Current Folder>\delself.bat
<System>\brastk.exe <System>\dllcache\beep.sys
<System>\dllcache\figar...

Troj/Spywad-BA

- Troj/Spywad-BA at Sophos

...

Troj/Agent-IAV

- Troj/Agent-IAV at Sophos

...

Troj/Agent-IAW

- Troj/Agent-IAW at Sophos

...

Troj/FakeAle-IX

- Troj/FakeAle-IX at Sophos

Troj/FakeAle-IX is a Trojan for the Windows platform. When Troj/FakeAle-IX
is installed the following files are created: <Current Folder>\delself.bat
<System>\brastk.exe <System>\dllcache\beep.sys
<System>\dllcache\figar...

PWS-OnlineGames.cp!FDC0E463

- PWS-OnlineGames.cp!FDC0E463 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 121,092 bytes
CRC | FDC0E463
MD5 | 1EC5F11023D1440177FBC83512DAFC39
SHA1 | AF22227DB63D7598251A79A4EE500456125FA077

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activities...

PWS-OnlineGames.cp!ADDD6CB8

- PWS-OnlineGames.cp!ADDD6CB8 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 110,340 bytes
CRC | ADDD6CB8
MD5 | CD284C0E75401761E5D5B7EFDAF497BF
SHA1 | 2E6536A26D37F309DDAE809FFC00DEEBD301C554

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activiti...

PWS-OnlineGames.cp!EF8DA9ED

- PWS-OnlineGames.cp!EF8DA9ED at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 121,092 bytes
CRC | EF8DA9ED
MD5 | B5BA1115E1944C19186A389BB5062BAB
SHA1 | CE39CC316736F9AF18146BC42DD6C762D2D6AA33

Other Common Detection Aliases
Company Name | Detection Name
microsoft | trojandropper:win32/frethog

Avert® Labs has observed the following system activities...

PWS-OnlineGames.cp!9576F8D6

- PWS-OnlineGames.cp!9576F8D6 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 111,364 bytes
CRC | 9576F8D6
MD5 | E5E235DA2BC200AEDC2E62D8C220F433
SHA1 | 337DD688F2C2CE40912ADA6DB8068FA7374BC3B2

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows fold...

Troj/Agent-IAL

- Troj/Agent-IAL at Sophos

...

Troj/Agent-IBA

- Troj/Agent-IBA at Sophos

...

Troj/Agent-IBC

- Troj/Agent-IBC at Sophos

...

Troj/Bckdr-QQB

- Troj/Bckdr-QQB at Sophos

...

Troj/DwnLdr-HJR

- Troj/DwnLdr-HJR at Sophos

Troj/DwnLdr-HJR is a Trojan for the Windows platform. Troj/DwnLdr-HJR
includes functionality to access the internet and communicate with a remote server via HTTP.
When first run, Troj/DwnLdr-HJR creates the following file:
<System>\CbEvtSvc.exe ...

Troj/FakeVir-GS

- Troj/FakeVir-GS at Sophos

...

Troj/OnLineG-BJ

- Troj/OnLineG-BJ at Sophos

Troj/OnLineG-BJ is a Trojan for the Windows platform. When first run
Troj/OnLineG-BJ copies itself to <Windows>\help\EB6C4499B05F.exe and creates the following files:
<Root>\1.hiv <Root>\2.hiv <Current Folder>\2.bat
<...

Troj/PDFex-AD

- Troj/PDFex-AD at Sophos

...

Troj/Skintrim-D

- Troj/Skintrim-D at Sophos

...

[10/27/2008 05:03]



Virus Malware and Threat News for 20081025



W32.Slugin.A!inf

- W32.Slugin.A!inf at Norton Symantec

W32.Slugin.A!inf is a detection for files infected with W32.Slugin.A.
...

W32.Slugin.A

- W32.Slugin.A at Norton Symantec

W32.Slugin.A is a virus that opens a back door and spreads by infecting executable files found on all drives
accessible from the compromised computer.
...

Trojan.Fakeavalert.B

- Trojan.Fakeavalert.B at Norton Symantec

Trojan.Fakeavalert.B is a Trojan horse that registers itself as a Browser Helper Object on the compromised
computer....

Trojan.Gimmiv.A

- Trojan.Gimmiv.A at Norton Symantec

Trojan.Gimmiv.A is a Trojan horse that opens a back door, attempts to exploit remote vulnerabilities and may
steal information from the compromised computer.
...

PWS-Mmorpg.gen!A452545B

- PWS-Mmorpg.gen!A452545B at McAfee

File Property | Property Value
FileName | new14.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 11,112 bytes
CRC | A452545B
MD5 | 391B668E28968934F4B3C6BB4914508D
SHA1 | 8ECA95718DCF3D8610F3EB1B777E6C15097315EE

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | psw.onlinegames.bemn
Avira | TR/Dropper.Gen
BitDefender | Dropped:Generic.Malware.gPWS.15452...

PWS-QQGame!52FED84A

- PWS-QQGame!52FED84A at McAfee

File Property | Property Value
FileName | new32.exe
McAfee Detection | PWS-QQGame
Length | 31,869 bytes
CRC | 52FED84A
MD5 | C80F87289C1D6FE588B25C3A6245EA5B
SHA1 | E495A549E373C4B19CBBFEAA4688FB1569252195

Other Common Detection Aliases
Company Name | Detection Name
microsoft | pws:win32/lmir.fh

Avert® Labs has observed the following system activities:
Activity | Risk Le...

PWS-Mmorpg.gen!C3BB1368

- PWS-Mmorpg.gen!C3BB1368 at McAfee

File Property | Property Value
FileName | new1.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 19,993 bytes
CRC | C3BB1368
MD5 | 750CBDDF7743D30E00E6007DC269872D
SHA1 | 9A13D4944B53205748FEAA18D9812D609E2D9870

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | psw.onlinegames.bcgj
Avi...

PWS-OnlineGames.cp!3C6DBBCE

- PWS-OnlineGames.cp!3C6DBBCE at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 121,092 bytes
CRC | 3C6DBBCE
MD5 | 87140189A40D2EAE46D24A16DDCD91A8
SHA1 | DCDB195E365E20815F5828F0AEBFB441C1298E82

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows folder...

PWS-OnlineGames.cp!11F4DC50

- PWS-OnlineGames.cp!11F4DC50 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 110,852 bytes
CRC | 11F4DC50
MD5 | D25AFD8286923F424AE685063B3E747A
SHA1 | 9A556A6AF118CFF0FDCEABA25128EF530ACBCC44

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows fold...

PWS-OnlineGames.cp!A69100A9

- PWS-OnlineGames.cp!A69100A9 at McAfee

...

PWS-OnlineGames.cp!96978293

- PWS-OnlineGames.cp!96978293 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 119,556 bytes
CRC | 96978293
MD5 | 452F3ABEA36D046B8444D818DB1C2C15
SHA1 | 557E23552F75BF3E0CA1E7641FBAED5CB520DCA5

Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows folder...

Boaxxe.dr!47ACB927

- Boaxxe.dr!47ACB927 at McAfee

File Property | Property Value
FileName | crack_~1.exe
McAfee Detection | Boaxxe.dr
Length | 120,832 bytes
CRC | 47ACB927
MD5 | 8DB914672F063663CF061CDE5460078A
SHA1 | B3AD6E026C225B449BAA4BDBD21BCDC39399BBF9
Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates open windows | Medium
Enumerates running processes | Medium
Uses shared m...

Generic PWS.y!F1684D85

- Generic PWS.y!F1684D85 at McAfee

File Property | Property Value
FileName | ntos.exe
McAfee Detection | Generic PWS.y
Length | 441,344 bytes
CRC | F1684D85
MD5 | 1B2E1DB878A8ECD62E5AA052D91BBD80
SHA1 | 7BC51D686B92FE4E005B00FE3277FE951888D424
Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Zbot-gen
Avira | TR/Dropper.Gen
BitDefender | Trojan.Spy.Zeus.1.Gen
Dr.Web | Trojan.Packed.511
F-Pro...

Generic Downloader.x!B0DFB8CA

- Generic Downloader.x!B0DFB8CA at McAfee

File Property | Property Value
FileName | vedxg6~1.exe
McAfee Detection | Generic Downloader.x
Length | 88,064 bytes
CRC | B0DFB8CA
MD5 | F5C65170BC4DE510ECAE9F57640189B9
SHA1 | 87D98201F28794AEA592880986BDCF27B658168C
Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | downloader.small.epc
BitDefender | Trojan.Peed.JUX
Kaspersky | Trojan-Downloader.Wi...

Generic.dx!2BAB8A7A

- Generic.dx!2BAB8A7A at McAfee

File Property | Property Value
FileName | dlds2.exe
McAfee Detection | Generic.dx
Length | 20,282 bytes
CRC | 2BAB8A7A
MD5 | 3AE29C1A5FB9D8E852148F12DB369CF1
SHA1 | 98CF798C10F66C997A0CDBE225DF8D0F280EE3D0
Other Common Detection Aliases
Company Name | Detection Name
Microsoft | trojan:win32/tibs.gen!j
Norman | w32/smalldrp.ansz
Sophos | Mal/Dorf-D
Avert® Labs has observed the f...

Generic.dx!CE21E1E0

- Generic.dx!CE21E1E0 at McAfee

File Property | Property Value
FileName | 515863~1.exe
McAfee Detection | Generic.dx
Length | 72,704 bytes
CRC | CE21E1E0
MD5 | 869EF8557E9A287375DCB658388DE16D
SHA1 | 856AFF692A49DF1D4002A975248CEFC552002083
Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-ABKC
Avira | TR/Agent.wyi.1
Avert® Labs has observed the following system activities:
A...

WORM_AUTORUN.PB

- WORM_AUTORUN.PB at Trend Micro

This worm arrives as an attachment to email messages spammed by another malware or a malicious user. It may be
dropped by other malware. It creates registry entries to enable its automatic execution at every system startup.
It drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute
dropped cop...

WORM_GIMMIV.A

- WORM_GIMMIV.A at Trend Micro

This worm is usually downloaded by TSPY_GIMMIV.A. It may be downloaded from Web sites by zero-day exploits of
a discovered vulnerability in certain Microsoft operating systems. More information on this vulnerability can
be found on the following pages: Microsoft Security Bulletin MS08-067; (MS08-067) Vulnerability in Server Service
Coul...

TROJ_VB.JBI

- TROJ_VB.JBI at Trend Micro

...

MS08-067

- MS08-067 at Panda

It is a critical vulnerability in the Windows Server Service on Windows 2008/Vista/2003/XP/2000 computers,
which allows hackers to gain remote control of the affected computer with the same privileges as the logged on
user....

Gimmiv.A

- Gimmiv.A at Panda

It exploits the MS08-067 vulnerability in the Windows Server Service in order to steal all types of
information about the affected user and computer, such as passwords, security patches installed in the system,
etc. It does not spread automatically by its own means.
...

Troj/Agent-IBB

- Troj/Agent-IBB at Sophos

...

Troj/Swizzor-OJ

- Troj/Swizzor-OJ at Sophos

...

Troj/Agent-IAZ

- Troj/Agent-IAZ at Sophos

...

Troj/Agent-IAX

- Troj/Agent-IAX at Sophos

Troj/Agent-IAX is a Trojan for the Windows platform. When first run
Troj/Agent-IAX copies itself to <System>\rs32net.exe. The following registry
entry is created to run rs32net.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ...

Troj/Bckdr-QQA

- Troj/Bckdr-QQA at Sophos

...

Troj/FakeAle-IY

- Troj/FakeAle-IY at Sophos

Troj/FakeAle-IY is a Trojan for the Windows platform. When Troj/FakeAle-IY
is installed the following files are created:
<Current Folder>\delself.bat
<System>\brastk.exe
<System>\dllcache\beep.sys
<System>\dllcache\figar...

Troj/Spywad-BA

- Troj/Spywad-BA at Sophos

...

Troj/Agent-IAV

- Troj/Agent-IAV at Sophos

...

Troj/Agent-IAW

- Troj/Agent-IAW at Sophos

...

Troj/FakeAle-IX

- Troj/FakeAle-IX at Sophos

Troj/FakeAle-IX is a Trojan for the Windows platform. When Troj/FakeAle-IX
is installed the following files are created:
<Current Folder>\delself.bat
<System>\brastk.exe
<System>\dllcache\beep.sys
<System>\dllcache\figar...

0 writebacks [10/26/2008 05:10] [] permanent link



Virus Malware and Threat News for 20081023



PWS-Gamania.gen.a!C9BA19AC

- PWS-Gamania.gen.a!C9BA19AC at McAfee

File Property | Property Value
FileName | !itw#58.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 130,688 bytes
CRC | C9BA19AC
MD5 | 16CEFE443E7202D349D6966FF26C4348
SHA1 | C168B133CFD9475AC30C7C3C0E1B06D76AB5C632
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.2.U
BitDefe...

PWS-Gamania.gen.a!AFB3A234

- PWS-Gamania.gen.a!AFB3A234 at McAfee

File Property | Property Value
FileName | !itw#61.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 128,377 bytes
CRC | AFB3A234
MD5 | 8D43B2CC77EBF6B24521FBBEE1672937
SHA1 | 97C53E5C250D2BE3B0A5C795DC5599352F0FB68C
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Vaklik.128377
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.2.P
Avira | TR...

W32/Sdbot.worm!8E5538A0

- W32/Sdbot.worm!8E5538A0 at McAfee

File Property | Property Value
FileName | !itw#2~1.exe
McAfee Detection | W32/Sdbot.worm
Length | 39,075 bytes
CRC | 8E5538A0
MD5 | 58B91C7FDEF3A441AB8173602EB849CB
SHA1 | B9FDAB1681EE95FEE518FD21C003604C7A7705D7
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/Sdbot.worm.39075
avast | Win32:FindVM-D [Trj]
AVG (GriSoft) | Dropper.Generic.ZCX
Avira | TR/S...

PWS-Gamania.gen.a!8B5B05E0

- PWS-Gamania.gen.a!8B5B05E0 at McAfee

File Property | Property Value
FileName | !itw#60.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 122,049 bytes
CRC | 8B5B05E0
MD5 | 857FC9DF9BDC2158B0F5D23944D67035
SHA1 | B81DDD5CEB9D08C4750E5A554CBDDC8CF24C7DF4
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Vaklik.122049
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AO
Avira | TR/...

PWS-Gamania.gen.a!3DD3E225

- PWS-Gamania.gen.a!3DD3E225 at McAfee

File Property | Property Value
FileName | !itw#590.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 117,029 bytes
CRC | 3DD3E225
MD5 | 73894E52FD1D9C1BE63CAC4389A27E3F
SHA1 | E7D6B836C84117B44386FE663E78A01C5B2A9D86
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Vaklik.117131
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

PWS-Gamania.gen.a!AD523F1E

- PWS-Gamania.gen.a!AD523F1E at McAfee

File Property | Property Value
FileName | !itw#589.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 162,808 bytes
CRC | AD523F1E
MD5 | 6EC094439137B45DF77E7400D27C1E05
SHA1 | A3C34DBB5C8BF9E99C9A2BF7371238027C831C1C
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AO
Avira | TR...

PWS-Gamania.gen.a!C352801F

- PWS-Gamania.gen.a!C352801F at McAfee

File Property | Property Value
FileName | !itw#588.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 120,867 bytes
CRC | C352801F
MD5 | 5F790ED513DEA0CF7571BCD6DC7C7549
SHA1 | BF056FE1E762A8B67F95D613E6DCBA7E37576D67
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

PWS-Gamania.gen.a!563A5114

- PWS-Gamania.gen.a!563A5114 at McAfee

File Property | Property Value
FileName | !itw#587.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 106,510 bytes
CRC | 563A5114
MD5 | 5A95C1B8ED4DC4073AD89CDDC7401D4A
SHA1 | 7975C732AD4E489D3348CFA337CA8B93D99AE2D1
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | Worm/AutoRun.BC
Avira | TR/Cr...

PWS-Gamania.gen.a!C7E00D25

- PWS-Gamania.gen.a!C7E00D25 at McAfee

File Property | Property Value
FileName | !itw#586.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 105,588 bytes
CRC | C7E00D25
MD5 | 572D8093D85A72F81EC9CBC0DBE55FD6
SHA1 | 38D919F3CB458500AE4A0F72DA4E2460B4260DA2
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.107520.H
avast | Win32:Oliga [Trj]
AVG (GriSoft) | Worm/AutoRun.BC...

PWS-Gamania.gen.a!BF99BDDF

- PWS-Gamania.gen.a!BF99BDDF at McAfee

File Property | Property Value
FileName | !itw#584.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 116,300 bytes
CRC | BF99BDDF
MD5 | 43E306A602ACAEFCAE58E5A071D8DCF5
SHA1 | 8BEA23605267CAB0030526D1379D2D15B2E84937
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

PWS-Gamania.gen.a!F94E1514

- PWS-Gamania.gen.a!F94E1514 at McAfee

File Property | Property Value
FileName | !itw#582.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 118,723 bytes
CRC | F94E1514
MD5 | 1AAB91C4EB2867EAA4714D0E3E8A3823
SHA1 | 16B312F1BA6BF6610AC4AA2F2D341A8EA2EF4A6C
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

PWS-Gamania.gen.a!335D3C2B

- PWS-Gamania.gen.a!335D3C2B at McAfee

File Property | Property Value
FileName | !itw#583.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 117,655 bytes
CRC | 335D3C2B
MD5 | 3AC317D8D64149E5644B951749042407
SHA1 | F74AF6FB68CD1E023435E99E2A94B38C28275AA1
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.118784.Y
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames...

PWS-Gamania.gen.a!2020FB74

- PWS-Gamania.gen.a!2020FB74 at McAfee

File Property | Property Value
FileName | !itw#581.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 119,097 bytes
CRC | 2020FB74
MD5 | 03DA86694BD07CD4DDEF88E27FA04229
SHA1 | 17395FEA0DD3A04E67B4E44F39FA0B046CBA4FF5
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.119097.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Dropper....

W32/Mytob.gen@MM!053C6C5A

- W32/Mytob.gen@MM!053C6C5A at McAfee

File Property | Property Value
FileName | !itw#256.exe
McAfee Detection | W32/Mytob.gen@MM
Length | 36,352 bytes
CRC | 053C6C5A
MD5 | 4933396E6CE9BD86ACBF3F35633AC803
SHA1 | C8FD0195064981FEDBEF11CA128C4B3A63517343
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/Mytob.worm.36352.I
avast | Win32:Mytob-ID [Wrm]
AVG (GriSoft) | I-Worm/Mytob.QU
Avira | Worm...

BackDoor-DOQ!993DC1E7

- BackDoor-DOQ!993DC1E7 at McAfee

File Property | Property Value
FileName | !itw#446.exe
McAfee Detection | BackDoor-DOQ
Length | 20,480 bytes
CRC | 993DC1E7
MD5 | C28E15FE4F9037622BE1E2F2EEA91072
SHA1 | DD33CFC382FBFCFE8CA197B2D5F9E179C9F81EA5
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Xema.variant
avast | Win32:Lineage-351 [Trj]
AVG (GriSoft) | BackDoor.Generic9.AQXG
Avir...

Generic.dx!162FCFC6

- Generic.dx!162FCFC6 at McAfee

File Property | Property Value
FileName | xrg5.exe
McAfee Detection | Generic.dx
Length | 20,992 bytes
CRC | 162FCFC6
MD5 | 3BF1337A9DC5548FB9E0B59937B1EA04
SHA1 | CA4EC653F8816A72E31218F18E5DC0526CDEE790
Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Adware-gen [Adw]
AVG (GriSoft) | sheur.corq
Avira | TR/BHO.Gen
eSafe (Alladin) | suspicious Trojan/Worm...

Puper!FE7CBA7F

- Puper!FE7CBA7F at McAfee

File Property | Property Value
FileName | xrg3.exe
McAfee Detection | Puper
Length | 73,216 bytes
CRC | FE7CBA7F
MD5 | B094B254D62A306781950E96FBC11430
SHA1 | 28B8A4704C60E8AA667EE39CE6E9F205655D992F
Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Downloader.Zlob.AEQR
Avira | TR/Zlob.awr
BitDefender | Trojan.Zlob.33092e...

Downloader-BKQ!319B9195

- Downloader-BKQ!319B9195 at McAfee

File Property | Property Value
FileName | xrg4.exe
McAfee Detection | Downloader-BKQ
Length | 22,528 bytes
CRC | 319B9195
MD5 | 668BA02B85B162B657F341B2FD283E99
SHA1 | DEEB1DB3B7DDDE359FC1DAF3F1B2527AD725EDBA
Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | Downloader.Generic7.BAFX
Avira | TR/Drop.Zlob.FV
Eset | Win32/TrojanDownloader.FakeAlert.LXFo...

FakeAlert-AB!65BB847F

- FakeAlert-AB!65BB847F at McAfee

File Property | Property Value
FileName | virrl2~1.exe
McAfee Detection | FakeAlert-AB
Length | 1,810,432 bytes
CRC | 65BB847F
MD5 | 4A7483EDA6BD1875C169115AFE9D0E67
SHA1 | 215210B3A7AE8AD04A908798ED666BD40B33100A
Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Adware-gen [Adw]
AVG (GriSoft) | generic_c.yow
Avira | TR/FakeAV.bbh
Eset | Win32/Adware.Virus...

PWS-Gamania.gen.a!71D489B3

- PWS-Gamania.gen.a!71D489B3 at McAfee

File Property | Property Value
FileName | !itw#438.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 117,886 bytes
CRC | 71D489B3
MD5 | 3B268626CF3162FE748465FBF713CDCC
SHA1 | D995F22C951EE71200878806A3934898AD0282EA
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

W32/Autorun.worm.g!E0636515

- W32/Autorun.worm.g!E0636515 at McAfee

File Property | Property Value
FileName | virus.exe
McAfee Detection | W32/Autorun.worm.g
Length | 180,224 bytes
CRC | E0636515
MD5 | EFF188F0014FB7477DE1B28B4319CBBB
SHA1 | E6ACC1755736EAE8275F8E08348F737EF9325562
Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Delf-LBZ [Trj]
AVG (GriSoft) | worm/delf.ibi
BitDefender | Trojan.Delf.Inject.AW
Dr.Web | Tro...

Generic PUP.a!CFD5EF90

- Generic PUP.a!CFD5EF90 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

W32/Koobface.worm!E7E286D3

- W32/Koobface.worm!E7E286D3 at McAfee

File Property | Property Value
FileName | kenny18.exe
McAfee Detection | W32/Koobface.worm
Length | 20,480 bytes
CRC | E7E286D3
MD5 | 5D5610AB0C21D8B5F2E5D9DEA57E1C06
SHA1 | BD2F1F3666F6255CFC38CCB1A45C5FA48C1497CB
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/Koobface.worm.20480
avast | Win32:Trojan-gen {Other}
Avira | TR/Downloader.Gen
BitDefende...

W32/Koobface.worm!F73A6BE0

- W32/Koobface.worm!F73A6BE0 at McAfee

File Property | Property Value
FileName | kenny17.exe
McAfee Detection | W32/Koobface.worm
Length | 19,456 bytes
CRC | F73A6BE0
MD5 | A5581A695CC8C52157AA9D413032BBB8
SHA1 | 48780F397C2BF2C8BA8E63FE30AF494CE85BD76C
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/Koobface.worm.19456.B
avast | Win32:Trojan-gen {Other}
Avira | TR/Downloader.Gen
BitDefen...

W32/Autorun.worm.bz!F88FF127

- W32/Autorun.worm.bz!F88FF127 at McAfee

File Property | Property Value
FileName | !itw#437.exe
McAfee Detection | W32/Autorun.worm.bz
Length | 236,717 bytes
CRC | F88FF127
MD5 | 2B97F36CA766B5FF8E1E1ECBAA80D1AB
SHA1 | FF33A1D944F6F2B6C2888FE472A8756119E29AD1
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/Autorun.worm.236717
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Worm/Autoit.CRR...

Generic Downloader.x!F2A7FAE8

- Generic Downloader.x!F2A7FAE8 at McAfee

File Property | Property Value
FileName | iebtm.exe
McAfee Detection | Generic Downloader.x
Length | 19,968 bytes
CRC | F2A7FAE8
MD5 | 95033B9D2098D2D74CBE09952E732837
SHA1 | 25AFFB1A4C2AEF720E0C3F533B59D97F3368DA3F
Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Downloader.Zlob.AEPB
eSafe (Alladin) | suspicious Tro...

Puper!D422BCFA

- Puper!D422BCFA at McAfee

File Property | Property Value
FileName | !itw#67.exe
McAfee Detection | Puper
Length | 7,680 bytes
CRC | D422BCFA
MD5 | CAF1DCB75F7FD2404C8FE29B517A95A9
SHA1 | 1F2BED4D2606055EFB8B207D07EB26A9393FBAC1
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Agent.7680.FS
avast | Win32:Rootkit-gen [Rtk]
AVG (GriSoft) | worm/generic.jrm
Avira | BDS/Agent.qyo...

Generic PWS.y!EE6C137C

- Generic PWS.y!EE6C137C at McAfee

File Property | Property Value
FileName | f.exe
McAfee Detection | Generic PWS.y
Length | 42,498 bytes
CRC | EE6C137C
MD5 | 75AF8AEF0381FA32F2567A869BEB47EE
SHA1 | E316CFD468E921CECACC85FD3DA094150B9BF1BE
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Agent.42498
avast | Win32:Spyware-gen [Trj]
AVG (GriSoft) | agent.afgv
Avira | TR/Agent.agmu
BitDe...

TROJ_DLOADR.HR

- TROJ_DLOADR.HR at Trend Micro

...

TROJ_DLOADR.HD

- TROJ_DLOADR.HD at Trend Micro

This Trojan arrives as an attachment to email messages spammed by another malware or a malicious user. It drops
copies of itself. It injects threads into normal processes. It modifies registry entries to enable its
automatic execution at every system startup. It connects to Web sites to download malicious files detected by
Trend Micro as ...

TROJ_FAKEAV.KX

- TROJ_FAKEAV.KX at Trend Micro

...

WORM_RUNAUTO.AF

- WORM_RUNAUTO.AF at Trend Micro

Upon execution, it creates a folder and drops a copy of itself in the created folder. It also drops
non-malicious files on the affected system. This worm drops copies of itself in all removable drives. It also
drops an AUTORUN.INF file to automatically execute its dropped copies when the said drives are accessed. It
also searches for f...

TROJ_ZBOT.OU

- TROJ_ZBOT.OU at Trend Micro

This Trojan arrives as a file downloaded from a certain URL. Upon execution, it drops a copy of itself and its
components on the system. It modifies the system registry to enable its automatic execution at every system
startup. It then attempts to access a certain Web site to download its configuration file. The said file
contains info...

TROJ_VB.JBG

- TROJ_VB.JBG at Trend Micro

...

TROJ_ZBOT.US

- TROJ_ZBOT.US at Trend Micro

This Trojan arrives as a file downloaded from a remote URL. When executed, it drops a copy of itself in the
system folder. It creates a folder with attributes System and Hidden, where it drops non-malicious files. It
creates or modifies registry entries to enable its automatic execution at system startup. This Trojan injects
itself int...

BatGen.D

- BatGen.D at Panda

It is a malicious tool that allows the creation of any type of malware with different functions, such as spreading
via P2P programs, deleting and/or downloading files, restarting or logging off the computer, etc.
...

Troj/Agent-IAC

- Troj/Agent-IAC at Sophos

Troj/Agent-IAC is a Trojan for the Windows platform. When run
Troj/Agent-IAC creates the file <Program Files>\Manager.exe. This file is detected as Troj/GrayBrd-CL.
Registry entries are created under:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_...

Troj/Backdr-AD

- Troj/Backdr-AD at Sophos

...

Troj/Bancos-BEL

- Troj/Bancos-BEL at Sophos

...

Troj/Banker-ENV

- Troj/Banker-ENV at Sophos

...

Troj/Bifrose-WM

- Troj/Bifrose-WM at Sophos

...

Troj/Bifrose-WN

- Troj/Bifrose-WN at Sophos

Troj/Bifrose-WN is a Trojan for the Windows platform. When run
Troj/Bifrose-WN copies itself to <System>\rost\er.exe.
...

Troj/Keylog-KT

- Troj/Keylog-KT at Sophos

...

Troj/PWS-AUW

- Troj/PWS-AUW at Sophos

...

Troj/PWS-AUX

- Troj/PWS-AUX at Sophos

...

Troj/WowPWS-BF

- Troj/WowPWS-BF at Sophos

...

Trojan-Spy:W32/Gimmiv.A

- Trojan-Spy:W32/Gimmiv.A at F-Secure

This type of trojan secretly installs spy programs and/or keylogger programs.
...

Bloodhound.Exploit.212

- Bloodhound.Exploit.212 at Norton Symantec

Bloodhound.Exploit.212 is a heuristic detection for files attempting to exploit Microsoft Windows Server
Service RPC Handling Remote Code Execution Vulnerability (BID 31874).
...

Generic PUP.x!5304B962

- Generic PUP.x!5304B962 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

PWS-OnlineGames.cp!B5A273B9

- PWS-OnlineGames.cp!B5A273B9 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 111,364 bytes
CRC | B5A273B9
MD5 | 407F77E66C8BCAEA3D7AC7A0274D9547
SHA1 | 0BD35A1BD7D3E417F10AA6AA519F04F55B5D274D
Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows fold...

PWS-OnlineGames.cp!BA224323

- PWS-OnlineGames.cp!BA224323 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 120,580 bytes
CRC | BA224323
MD5 | 8CBA283F73881CAE071B935959B7B4DF
SHA1 | 51BB8701F29CDA1844948EB8B5672147025F67A3
Avert® Labs has observed the following system activities:
Activity | Risk Level
Enumerates running processes | Medium
Writes executable in the windows folder...

PWS-OnlineGames.a!8649006C

- PWS-OnlineGames.a!8649006C at McAfee

File Property | Property Value
FileName | 100_15~1.exe
McAfee Detection | PWS-OnlineGames.a
Length | 185,856 bytes
CRC | 8649006C
MD5 | D14A66FC8F9B14FAFA254C0A6E4C3320
SHA1 | DF7B68FCAED2865D3AA62973E126853D37CBE42A
Other Common Detection Aliases
Company Name | Detection Name
Avira | TR/ATRAPS.Gen
BitDefender | Trojan.Generic.759478
clamav | Trojan.Buzus-2903
Dr.Web | BackDoor.Po...

PWS-OnlineGames.a!D829D7BD

- PWS-OnlineGames.a!D829D7BD at McAfee

File Property | Property Value
FileName | 100_16~1.exe
McAfee Detection | PWS-OnlineGames.a
Length | 185,856 bytes
CRC | D829D7BD
MD5 | 465737264A57D746C5887E0A4D300F6D
SHA1 | 2BF39722DC98F7C06210D266B28B46827C4CCA8C
Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | Trojan.Buzus.mwa
Avira | DR/Delphi.Gen
BitDefender | Trojan.Generic.759478
clamav | Troja...

RubyFortune!CF6B52D5

- RubyFortune!CF6B52D5 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

W32/Sality!AD788F49

- W32/Sality!AD788F49 at McAfee

File Property | Property Value
FileName | vsemas.exe
McAfee Detection | W32/Sality
Length | 445,389 bytes
CRC | AD788F49
MD5 | D10352B330DEF46ADD491E8CF7C33ACD
SHA1 | ACCC7A29BA9C4D7C765D82A2085DD12009AA10C1
Other Common Detection Aliases
Company Name | Detection Name
BitDefender | Win32.Sality.OG
Dr.Web | Win32.Sector.12
Eset | Win32/Sality.NAU
F-Prot | W32/Sality.ak
Kaspersky | Viru...

PWS-OnlineGames.cp!D7A5F218

- PWS-OnlineGames.cp!D7A5F218 at McAfee

File Property | Property Value
FileName | help.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 110,340 bytes
CRC | D7A5F218
MD5 | A6ACEF2575268D66D6F16E92471CFC7D
SHA1 | 7690CD2F68FC12B9AD9F0B0A1F6161AC32EE1702
Other Common Detection Aliases
Company Name | Detection Name
Avira | TR/Crypt.CFI.Gen
FortiNet | Suspicious
F-Prot | W32/Vaklik.gen (suspicious)
panda | Suspicious
Avert&...

Spy-Agent.da.dll

- Spy-Agent.da.dll at McAfee

Use the latest Engine/Dats...

Spy-Agent.da!bat

- Spy-Agent.da!bat at McAfee

Use the latest Engine/Dats...

Generic PWS.y!C91DA1B9

- Generic PWS.y!C91DA1B9 at McAfee

File Property | Property Value
FileName | n2.exe
McAfee Detection | Generic PWS.y
Length | 397,312 bytes
CRC | C91DA1B9
MD5 | F173007FBD8E2190AF3BE7837ACD70A4
SHA1 | BE71878C08544E093AB41F245C32E76259181BF8
Other Common Detection Aliases
Company Name | Detection Name
Dr.Web | DLOADER.PWS.Trojan
microsoft | trojanspy:win32/gimmiv.a
panda | Suspicious file
rising | Trojan.Spy.Win32....

Generic Downloader.x!2217348D

- Generic Downloader.x!2217348D at McAfee

File Property | Property Value
FileName | brastk.exe
McAfee Detection | Generic Downloader.x
Length | 10,240 bytes
CRC | 2217348D
MD5 | 18BC3EA8F0EC094E5A8BACF19E4413B0
SHA1 | 58E7A21DC50CBAA9C5EFA2ABB08986F85E58D816
Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Lighty-B
AVG (GriSoft) | sheur.cqdn
microsoft | trojandownloader:win32/renos
Symantec | Tro...

Generic.dx!7122226A

- Generic.dx!7122226A at McAfee

File Property | Property Value
FileName | smartu~2.exe
McAfee Detection | Generic.dx
Length | 524,800 bytes
CRC | 7122226A
MD5 | 3F215E4F51AA3981596D599F3E4B8CA3
SHA1 | FF0C7CE64F5BB446CAEE8B87440E0700F4358021
Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | Generic10.BDWU
Avira | TR/Crypt.XDR.Gen
eSafe (Alladin) | Trojan/Worm [101] (suspicious)
Fort...

BackDoor-AWQ.b!B43EA972

- BackDoor-AWQ.b!B43EA972 at McAfee

File Property | Property Value
FileName | ntoetect.exe
McAfee Detection | BackDoor-AWQ.b
Length | 608,256 bytes
CRC | B43EA972
MD5 | 8F323EA64AA21F9831B8BB486AD87275
SHA1 | 17FEAAFC3011F399B70D9789F4B554919352DBEE
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Xema.variant
avast | Win32:Oliga [Trj]
AVG (GriSoft) | SHeur.VCL
Avira | BDS/Backdoor.Ge...

Troj/Bancos-BEQ

- Troj/Bancos-BEQ at Sophos

...

Troj/Banker-ENY

- Troj/Banker-ENY at Sophos

Troj/Banker-ENY is a Trojan for the Windows platform. When run
Troj/Banker-ENY creates the following registry entry:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run <name of Trojan> <path to
Trojan executable>\<name of Trojan>.exe ...

Troj/BHO-HM

- Troj/BHO-HM at Sophos

...

Troj/DwnLdr-HJO

- Troj/DwnLdr-HJO at Sophos

Troj/DwnLdr-HJO is a Trojan for the Windows platform.
...

Troj/DwnLdr-HJP

- Troj/DwnLdr-HJP at Sophos

Troj/DwnLdr-HJP is a Trojan for the Windows platform. When run
Troj/DwnLdr-HJP copies itself to <Windows>\service.exe and sets the following registry entries:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx Windows Service
service.exe ...

Troj/FakeVir-GQ

- Troj/FakeVir-GQ at Sophos

...

Troj/Mdrop-BWK

- Troj/Mdrop-BWK at Sophos

Troj/Mdrop-BWK is a Trojan for the Windows platform. When run, it creates
the files:
<System>\server.exe - detected as Troj/Banker-ENY
<System>\video.exe - detected as Troj/DwnLdr-HJO...

Troj/Agent-IAI

- Troj/Agent-IAI at Sophos

...

Troj/Dloadr-BWV

- Troj/Dloadr-BWV at Sophos

...

0 writebacks [10/24/2008 09:02] [] permanent link



Virus Malware and Threat News for 20081022



HTML_EXPLOIT.NI

- HTML_EXPLOIT.NI at Trend Micro

This malicious HTML file may be downloaded unknowingly by a user when visiting malicious Web sites. It may be
hosted on a Web site and run when a user accesses the said Web site. It contains an IFRAME tag that connects to
a certain URL. However, as of this writing, the said URL is inaccessible.
...

TROJ_BANKER.FRU

- TROJ_BANKER.FRU at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious Web sites. Upon execution, it drops a copy of itself in the system. It creates
a registry entry to enable its automatic execution at every system startup. It tracks the Web browsing activities
on the aff...

TROJ_ZBOT.AJD

- TROJ_ZBOT.AJD at Trend Micro

This Trojan arrives as a file downloaded from a remote URL. Upon execution, it drops a copy of itself in the
system folder. It creates a folder with attributes System and Hidden, where it drops non-malicious files. It
creates registry entries to enable its automatic execution at system startup. It injects itself into the
legitimate pro...

TROJ_BANKER.EBN

- TROJ_BANKER.EBN at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious Web sites. It displays an official-looking interface that prompts a user to
update electronic keys to allow transactions on the Banco Bradesco Web site. Below is a screenshot of the said
interface: It requ...

YahooPsw.S

- YahooPsw.S at Panda

It is designed to steal the user's login credentials to access the Yahoo Messenger. Once obtained, the
information is sent via email. It reaches the computer in a file with the icon of a bar code.
...

Troj/Bckdr-QPY

- Troj/Bckdr-QPY at Sophos

...

Troj/FakeVir-GO

- Troj/FakeVir-GO at Sophos

...

Troj/VBDown-E

- Troj/VBDown-E at Sophos

Troj/VBDown-E is a downloader Trojan for the Windows platform. The
following registry entry is created to run Troj/VBDown-E on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run <filename of the Trojan executable>
<pathname of the Troja...

Troj/VBDown-F

- Troj/VBDown-F at Sophos

...

W32/Autorun-MK

- W32/Autorun-MK at Sophos

When W32/Autorun-MK is first executed it copies itself to:
<Program Files>Microsoft Common\wuauclt.exe
W32/Autorun-MK creates the following files on attached removable storage devices:
<Root>\autorun.inf - detected as Mal/AutoInf-A ...

W32/Ceel-B

- W32/Ceel-B at Sophos

...

Troj/Agent-HZR

- Troj/Agent-HZR at Sophos

Sophos updated detection of Troj/Agent-HZR in agen-hzu.ide (published 21 October 2008 19:24 GMT)
to remove a possible misdetection originally issued in pdfex-aa.ide (published 21 October 2008 17:18 GMT).
This issue is now resolved. Please contact technical support if you require further
information....

Troj/Agent-HZU

- Troj/Agent-HZU at Sophos

...

Troj/FakeAV-FC

- Troj/FakeAV-FC at Sophos

Troj/FakeAV-FC is a Trojan for the Windows platform that drops a file detected as Mal/EncPk-CZ.
...

Troj/Agent-HZI

- Troj/Agent-HZI at Sophos

...

PWS-Gamania.gen.a!C9BA19AC

- PWS-Gamania.gen.a!C9BA19AC at McAfee

File Property | Property Value
FileName | !itw#58.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 130,688 bytes
CRC | C9BA19AC
MD5 | 16CEFE443E7202D349D6966FF26C4348
SHA1 | C168B133CFD9475AC30C7C3C0E1B06D76AB5C632
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.2.U
BitDefe...

PWS-Gamania.gen.a!AFB3A234

- PWS-Gamania.gen.a!AFB3A234 at McAfee

File Property | Property Value
FileName | !itw#61.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 128,377 bytes
CRC | AFB3A234
MD5 | 8D43B2CC77EBF6B24521FBBEE1672937
SHA1 | 97C53E5C250D2BE3B0A5C795DC5599352F0FB68C
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Vaklik.128377
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.2.P
Avira | TR...

W32/Sdbot.worm!8E5538A0

- W32/Sdbot.worm!8E5538A0 at McAfee

File Property | Property Value
FileName | !itw#2~1.exe
McAfee Detection | W32/Sdbot.worm
Length | 39,075 bytes
CRC | 8E5538A0
MD5 | 58B91C7FDEF3A441AB8173602EB849CB
SHA1 | B9FDAB1681EE95FEE518FD21C003604C7A7705D7
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win32/Sdbot.worm.39075
avast | Win32:FindVM-D [Trj]
AVG (GriSoft) | Dropper.Generic.ZCX
Avira | TR/S...

PWS-Gamania.gen.a!8B5B05E0

- PWS-Gamania.gen.a!8B5B05E0 at McAfee

File Property | Property Value
FileName | !itw#60.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 122,049 bytes
CRC | 8B5B05E0
MD5 | 857FC9DF9BDC2158B0F5D23944D67035
SHA1 | B81DDD5CEB9D08C4750E5A554CBDDC8CF24C7DF4
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Vaklik.122049
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AO
Avira | TR/...

PWS-Gamania.gen.a!3DD3E225

- PWS-Gamania.gen.a!3DD3E225 at McAfee

File Property | Property Value
FileName | !itw#590.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 117,029 bytes
CRC | 3DD3E225
MD5 | 73894E52FD1D9C1BE63CAC4389A27E3F
SHA1 | E7D6B836C84117B44386FE663E78A01C5B2A9D86
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Vaklik.117131
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

PWS-Gamania.gen.a!AD523F1E

- PWS-Gamania.gen.a!AD523F1E at McAfee

File Property | Property Value
FileName | !itw#589.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 162,808 bytes
CRC | AD523F1E
MD5 | 6EC094439137B45DF77E7400D27C1E05
SHA1 | A3C34DBB5C8BF9E99C9A2BF7371238027C831C1C
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AO
Avira | TR...

PWS-Gamania.gen.a!C352801F

- PWS-Gamania.gen.a!C352801F at McAfee

File Property | Property Value
FileName | !itw#588.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 120,867 bytes
CRC | C352801F
MD5 | 5F790ED513DEA0CF7571BCD6DC7C7549
SHA1 | BF056FE1E762A8B67F95D613E6DCBA7E37576D67
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

PWS-Gamania.gen.a!563A5114

- PWS-Gamania.gen.a!563A5114 at McAfee

File Property | Property Value
FileName | !itw#587.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 106,510 bytes
CRC | 563A5114
MD5 | 5A95C1B8ED4DC4073AD89CDDC7401D4A
SHA1 | 7975C732AD4E489D3348CFA337CA8B93D99AE2D1
Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | Worm/AutoRun.BC
Avira | TR/Cr...

PWS-Gamania.gen.a!C7E00D25

- PWS-Gamania.gen.a!C7E00D25 at McAfee

File Property | Property Value
FileName | !itw#586.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 105,588 bytes
CRC | C7E00D25
MD5 | 572D8093D85A72F81EC9CBC0DBE55FD6
SHA1 | 38D919F3CB458500AE4A0F72DA4E2460B4260DA2

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.107520.H
avast | Win32:Oliga [Trj]
AVG (GriSoft) | Worm/AutoRun.BC...

PWS-Gamania.gen.a!BF99BDDF

- PWS-Gamania.gen.a!BF99BDDF at McAfee

File Property | Property Value
FileName | !itw#584.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 116,300 bytes
CRC | BF99BDDF
MD5 | 43E306A602ACAEFCAE58E5A071D8DCF5
SHA1 | 8BEA23605267CAB0030526D1379D2D15B2E84937

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

PWS-Gamania.gen.a!F94E1514

- PWS-Gamania.gen.a!F94E1514 at McAfee

File Property | Property Value
FileName | !itw#582.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 118,723 bytes
CRC | F94E1514
MD5 | 1AAB91C4EB2867EAA4714D0E3E8A3823
SHA1 | 16B312F1BA6BF6610AC4AA2F2D341A8EA2EF4A6C

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

PWS-Gamania.gen.a!335D3C2B

- PWS-Gamania.gen.a!335D3C2B at McAfee

File Property | Property Value
FileName | !itw#583.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 117,655 bytes
CRC | 335D3C2B
MD5 | 3AC317D8D64149E5644B951749042407
SHA1 | F74AF6FB68CD1E023435E99E2A94B38C28275AA1

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.118784.Y
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames...

PWS-Gamania.gen.a!2020FB74

- PWS-Gamania.gen.a!2020FB74 at McAfee

File Property | Property Value
FileName | !itw#581.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 119,097 bytes
CRC | 2020FB74
MD5 | 03DA86694BD07CD4DDEF88E27FA04229
SHA1 | 17395FEA0DD3A04E67B4E44F39FA0B046CBA4FF5

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.119097.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Dropper....

W32/Mytob.gen@MM!053C6C5A

- W32/Mytob.gen@MM!053C6C5A at McAfee

File Property | Property Value
FileName | !itw#256.exe
McAfee Detection | W32/Mytob.gen@MM
Length | 36,352 bytes
CRC | 053C6C5A
MD5 | 4933396E6CE9BD86ACBF3F35633AC803
SHA1 | C8FD0195064981FEDBEF11CA128C4B3A63517343

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win32/Mytob.worm.36352.I
avast | Win32:Mytob-ID [Wrm]
AVG (GriSoft) | I-Worm/Mytob.QU
Avira | Worm...

BackDoor-DOQ!993DC1E7

- BackDoor-DOQ!993DC1E7 at McAfee

File Property | Property Value
FileName | !itw#446.exe
McAfee Detection | BackDoor-DOQ
Length | 20,480 bytes
CRC | 993DC1E7
MD5 | C28E15FE4F9037622BE1E2F2EEA91072
SHA1 | DD33CFC382FBFCFE8CA197B2D5F9E179C9F81EA5

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/Xema.variant
avast | Win32:Lineage-351 [Trj]
AVG (GriSoft) | BackDoor.Generic9.AQXG
Avir...

Generic.dx!162FCFC6

- Generic.dx!162FCFC6 at McAfee

File Property | Property Value
FileName | xrg5.exe
McAfee Detection | Generic.dx
Length | 20,992 bytes
CRC | 162FCFC6
MD5 | 3BF1337A9DC5548FB9E0B59937B1EA04
SHA1 | CA4EC653F8816A72E31218F18E5DC0526CDEE790

Other Common Detection Aliases

Company Name | Detection Name
avast | Win32:Adware-gen [Adw]
AVG (GriSoft) | sheur.corq
Avira | TR/BHO.Gen
eSafe (Alladin) | suspicious Trojan/Worm...

Puper!FE7CBA7F

- Puper!FE7CBA7F at McAfee

File Property | Property Value
FileName | xrg3.exe
McAfee Detection | Puper
Length | 73,216 bytes
CRC | FE7CBA7F
MD5 | B094B254D62A306781950E96FBC11430
SHA1 | 28B8A4704C60E8AA667EE39CE6E9F205655D992F

Other Common Detection Aliases

Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Downloader.Zlob.AEQR
Avira | TR/Zlob.awr
BitDefender | Trojan.Zlob.33092e...

Downloader-BKQ!319B9195

- Downloader-BKQ!319B9195 at McAfee

File Property | Property Value
FileName | xrg4.exe
McAfee Detection | Downloader-BKQ
Length | 22,528 bytes
CRC | 319B9195
MD5 | 668BA02B85B162B657F341B2FD283E99
SHA1 | DEEB1DB3B7DDDE359FC1DAF3F1B2527AD725EDBA

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | Downloader.Generic7.BAFX
Avira | TR/Drop.Zlob.FV
Eset | Win32/TrojanDownloader.FakeAlert.LXFo...

FakeAlert-AB!65BB847F

- FakeAlert-AB!65BB847F at McAfee

File Property | Property Value
FileName | virrl2~1.exe
McAfee Detection | FakeAlert-AB
Length | 1,810,432 bytes
CRC | 65BB847F
MD5 | 4A7483EDA6BD1875C169115AFE9D0E67
SHA1 | 215210B3A7AE8AD04A908798ED666BD40B33100A

Other Common Detection Aliases

Company Name | Detection Name
avast | Win32:Adware-gen [Adw]
AVG (GriSoft) | generic_c.yow
Avira | TR/FakeAV.bbh
Eset | Win32/Adware.Virus...

PWS-Gamania.gen.a!71D489B3

- PWS-Gamania.gen.a!71D489B3 at McAfee

File Property | Property Value
FileName | !itw#438.exe
McAfee Detection | PWS-Gamania.gen.a
Length | 117,886 bytes
CRC | 71D489B3
MD5 | 3B268626CF3162FE748465FBF713CDCC
SHA1 | D995F22C951EE71200878806A3934898AD0282EA

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Oliga [Trj]
AVG (GriSoft) | PSW.OnlineGames.AZ
Avira | TR...

W32/Autorun.worm.g!E0636515

- W32/Autorun.worm.g!E0636515 at McAfee

File Property | Property Value
FileName | virus.exe
McAfee Detection | W32/Autorun.worm.g
Length | 180,224 bytes
CRC | E0636515
MD5 | EFF188F0014FB7477DE1B28B4319CBBB
SHA1 | E6ACC1755736EAE8275F8E08348F737EF9325562

Other Common Detection Aliases

Company Name | Detection Name
avast | Win32:Delf-LBZ [Trj]
AVG (GriSoft) | worm/delf.ibi
BitDefender | Trojan.Delf.Inject.AW
Dr.Web | Tro...

Generic PUP.a!CFD5EF90

- Generic PUP.a!CFD5EF90 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

W32/Koobface.worm!E7E286D3

- W32/Koobface.worm!E7E286D3 at McAfee

File Property | Property Value
FileName | kenny18.exe
McAfee Detection | W32/Koobface.worm
Length | 20,480 bytes
CRC | E7E286D3
MD5 | 5D5610AB0C21D8B5F2E5D9DEA57E1C06
SHA1 | BD2F1F3666F6255CFC38CCB1A45C5FA48C1497CB

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win32/Koobface.worm.20480
avast | Win32:Trojan-gen {Other}
Avira | TR/Downloader.Gen
BitDefende...

W32/Koobface.worm!F73A6BE0

- W32/Koobface.worm!F73A6BE0 at McAfee

File Property | Property Value
FileName | kenny17.exe
McAfee Detection | W32/Koobface.worm
Length | 19,456 bytes
CRC | F73A6BE0
MD5 | A5581A695CC8C52157AA9D413032BBB8
SHA1 | 48780F397C2BF2C8BA8E63FE30AF494CE85BD76C

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win32/Koobface.worm.19456.B
avast | Win32:Trojan-gen {Other}
Avira | TR/Downloader.Gen
BitDefen...

W32/Autorun.worm.bz!F88FF127

- W32/Autorun.worm.bz!F88FF127 at McAfee

File Property | Property Value
FileName | !itw#437.exe
McAfee Detection | W32/Autorun.worm.bz
Length | 236,717 bytes
CRC | F88FF127
MD5 | 2B97F36CA766B5FF8E1E1ECBAA80D1AB
SHA1 | FF33A1D944F6F2B6C2888FE472A8756119E29AD1

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win32/Autorun.worm.236717
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Worm/Autoit.CRR...

Generic Downloader.x!F2A7FAE8

- Generic Downloader.x!F2A7FAE8 at McAfee

File Property | Property Value
FileName | iebtm.exe
McAfee Detection | Generic Downloader.x
Length | 19,968 bytes
CRC | F2A7FAE8
MD5 | 95033B9D2098D2D74CBE09952E732837
SHA1 | 25AFFB1A4C2AEF720E0C3F533B59D97F3368DA3F

Other Common Detection Aliases

Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Downloader.Zlob.AEPB
eSafe (Alladin) | suspicious Tro...

Puper!D422BCFA

- Puper!D422BCFA at McAfee

File Property | Property Value
FileName | !itw#67.exe
McAfee Detection | Puper
Length | 7,680 bytes
CRC | D422BCFA
MD5 | CAF1DCB75F7FD2404C8FE29B517A95A9
SHA1 | 1F2BED4D2606055EFB8B207D07EB26A9393FBAC1

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/Agent.7680.FS
avast | Win32:Rootkit-gen [Rtk]
AVG (GriSoft) | worm/generic.jrm
Avira | BDS/Agent.qyo...

Generic PWS.y!EE6C137C

- Generic PWS.y!EE6C137C at McAfee

File Property | Property Value
FileName | f.exe
McAfee Detection | Generic PWS.y
Length | 42,498 bytes
CRC | EE6C137C
MD5 | 75AF8AEF0381FA32F2567A869BEB47EE
SHA1 | E316CFD468E921CECACC85FD3DA094150B9BF1BE

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/Agent.42498
avast | Win32:Spyware-gen [Trj]
AVG (GriSoft) | agent.afgv
Avira | TR/Agent.agmu
BitDe...

TROJ_DLOADR.HR

- TROJ_DLOADR.HR at Trend Micro

...

TROJ_DLOADR.HD

- TROJ_DLOADR.HD at Trend Micro

This Trojan arrives as an attachment to email messages spammed by another malware or a malicious user. It drops
copies of itself. It injects threads into normal processes. It modifies registry entries to enable its
automatic execution at every system startup. It connects to Web sites to download malicious files detected by
Trend Micro as ...

TROJ_FAKEAV.KX

- TROJ_FAKEAV.KX at Trend Micro

...

WORM_RUNAUTO.AF

- WORM_RUNAUTO.AF at Trend Micro

Upon execution, it creates a folder and drops a copy of itself in the created folder. It also drops
non-malicious files on the affected system. This worm drops copies of itself in all removable drives. It also
drops an AUTORUN.INF file to automatically execute its dropped copies when the said drives are accessed. It
also searches for f...

TROJ_ZBOT.OU

- TROJ_ZBOT.OU at Trend Micro

This Trojan arrives as a file downloaded from a certain URL. Upon execution, it drops a copy of itself and its
components on the system. It modifies the system registry to enable its automatic execution at every system
startup. It then attempts to access a certain Web site to download its configuration file. The said file
contains info...

TROJ_VB.JBG

- TROJ_VB.JBG at Trend Micro

...

TROJ_ZBOT.US

- TROJ_ZBOT.US at Trend Micro

This Trojan arrives as a file downloaded from a remote URL. When executed, it drops a copy of itself in the
system folder. It creates a folder with attributes System and Hidden, where it drops non-malicious files. It
creates or modifies registry entries to enable its automatic execution at system startup. This Trojan injects
itself int...

BatGen.D

- BatGen.D at Panda

It is a malicious tool which allows the creation of any type of malware with different functions, such as
spreading via P2P programs, deleting and/or downloading files, restarting or logging off the computer, etc.
...

Troj/Agent-IAC

- Troj/Agent-IAC at Sophos

Troj/Agent-IAC is a Trojan for the Windows platform. When run
Troj/Agent-IAC creates the file <Program Files>\Manager.exe. This file is detected as Troj/GrayBrd-CL.
Registry entries are created under:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_...

Troj/Backdr-AD

- Troj/Backdr-AD at Sophos

...

Troj/Bancos-BEL

- Troj/Bancos-BEL at Sophos

...

Troj/Banker-ENV

- Troj/Banker-ENV at Sophos

...

Troj/Bifrose-WM

- Troj/Bifrose-WM at Sophos

...

Troj/Bifrose-WN

- Troj/Bifrose-WN at Sophos

Troj/Bifrose-WN is a Trojan for the Windows platform. When run
Troj/Bifrose-WN copies itself to <System>\rost\er.exe.
...

Troj/Keylog-KT

- Troj/Keylog-KT at Sophos

...

Troj/PWS-AUW

- Troj/PWS-AUW at Sophos

...

Troj/PWS-AUX

- Troj/PWS-AUX at Sophos

...

Troj/WowPWS-BF

- Troj/WowPWS-BF at Sophos

...

[10/23/2008 09:01]



Virus Malware and Threat News for 20081021



Generic Downloader.x!BA7967DA

- Generic Downloader.x!BA7967DA at McAfee

File Property | Property Value
FileName | s_8.exe
McAfee Detection | Generic Downloader.x
Length | 20,480 bytes
CRC | BA7967DA
MD5 | 9F7C0F30C4DCE5A13D494648E842EF5B
SHA1 | 71C5E3B8D22871017D92D0356C8C18E5C0AE2F2B

Other Common Detection Aliases

Company Name | Detection Name
avast | Win32:Virtualizer
AVG (GriSoft) | generic11.abwp
Avira | TR/Crypt.XPACK.Gen
BitDefender | Backdoor.P...

Proxy-Sysgam!4E6AEDA0

- Proxy-Sysgam!4E6AEDA0 at McAfee

File Property | Property Value
FileName | s_1.exe
McAfee Detection | Proxy-Sysgam
Length | 23,552 bytes
CRC | 4E6AEDA0
MD5 | 99A7A16ED37532752227B00E38C3FBD1
SHA1 | 99D8CC57E337639A090110CE5CF7E3BC451EB687

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | win32/pepatch.i
Kaspersky | Packed.Win32.PePatch.dk
norman | w32/smalltroj.eeov
panda | Trj/Agent.HN...

PWS-OnlineGames.cp!4630D9FC

- PWS-OnlineGames.cp!4630D9FC at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 122,116 bytes
CRC | 4630D9FC
MD5 | 23A428BA14ABC1071AE1DC7FE399EF3F
SHA1 | 128C79C696EDE4EEA4CF93255016FDC4B667575F

Other Common Detection Aliases

Company Name | Detection Name
microsoft | pws:win32/onlinegames.er

Avert® Labs has observed the following system activities:Ac...

Vundo!91C8D52A

- Vundo!91C8D52A at McAfee

Avert® Labs has observed the following system activities:

Activity | Risk Level
Creates registry keys and data values to persist on OS reboot | Informational
Registers DLLs | Informational

System Changes

These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/...

W32/Autorun.worm.gen!22FD1E46

- W32/Autorun.worm.gen!22FD1E46 at McAfee

File Property | Property Value
FileName | servet~1.exe
McAfee Detection | W32/Autorun.worm.gen
Length | 352,256 bytes
CRC | 22FD1E46
MD5 | ACEC6B20B5D2340587F45FE532DEE5B2
SHA1 | 6516A96E957759D2A2911F31B34F3B38E8390991

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/Xema.variant
avast | Win32:Crypt-SC [Trj]
AVG (GriSoft) | downloader.generic7....

Generic Downloader.x!ABF3A454

- Generic Downloader.x!ABF3A454 at McAfee

File Property | Property Value
FileName | h.exe
McAfee Detection | Generic Downloader.x
Length | 58,372 bytes
CRC | ABF3A454
MD5 | ACF24A0091C6C7AB2EA6B44D03E2D1CE
SHA1 | BA42A2601C9F7B793549BA54BA91BD8D5D18252A

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | Downloader.Zlob.AFBA
Kaspersky | Trojan.Win32.Agent.aidv
microsoft | TrojanDownloader:Win3...

Generic Downloader.x!7D5DDAF2

- Generic Downloader.x!7D5DDAF2 at McAfee

File Property | Property Value
FileName | b.exe
McAfee Detection | Generic Downloader.x
Length | 58,372 bytes
CRC | 7D5DDAF2
MD5 | 8F96943250FEF5BD21CAB70F2557B97E
SHA1 | 1999EAA1966F33A1A3493F73936155477C021BA8

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | Downloader.Zlob.AFBA
Avira | TR/Dldr.Small.exl
Dr.Web | Trojan.DownLoad.4882
Eset | Win32/Troj...

PWS-OnlineGames.y.dr!D5BDE733

- PWS-OnlineGames.y.dr!D5BDE733 at McAfee

File Property | Property Value
FileName | 100_11~1.exe
McAfee Detection | PWS-OnlineGames.y.dr
Length | 214,528 bytes
CRC | D5BDE733
MD5 | A4871E15D115C4807F330D5EE5D39B8F
SHA1 | A69C63144EA7E5FEFA0ABF9DB8AF84E1C5F52F2F

Other Common Detection Aliases

Company Name | Detection Name
Avira | TR/ATRAPS.Gen
BitDefender | Trojan.Generic.759478
Dr.Web | BackDoor.Poison.61
Eset | Win32/IRC...

PWS-OnlineGames.cp!CAA7AAE8

- PWS-OnlineGames.cp!CAA7AAE8 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 120,832 bytes
CRC | CAA7AAE8
MD5 | 5A6753CC586483CE4C03C0BA1F4C0D53
SHA1 | DA3AA1430547229CC34A5FFECCF293F49CEDAC17

Other Common Detection Aliases

Company Name | Detection Name
microsoft | pws:win32/onlinegames.er

Avert® Labs has observed the following system activities:Ac...

Generic Downloader.ab!76E10F98

- Generic Downloader.ab!76E10F98 at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | Generic Downloader.ab
Length | 184,488 bytes
CRC | 76E10F98
MD5 | 9E7741AAA5728C25F9358C8F7B084D2E
SHA1 | C7F4C7094409E7D6E2D653E7871A1458610BDBBF

Other Common Detection Aliases

Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Trojan-gen {Other}
Avira | TR/PSW.OnlineGames.tnlr
BitDef...

HTML_EXPLOIT.NI

- HTML_EXPLOIT.NI at Trend Micro

This malicious HTML file may be downloaded unknowingly by a user when visiting malicious Web sites. It may be
hosted on a Web site and run when a user accesses the said Web site. It contains an IFRAME tag that connects to
a certain URL. However, as of this writing, the said URL is inaccessible.
...

TROJ_BANKER.FRU

- TROJ_BANKER.FRU at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious Web sites. Upon execution, it drops a copy of itself in the system. It creates a
registry entry to enable its automatic execution at every system startup. It tracks the Web browsing activities
on the aff...

TROJ_ZBOT.AJD

- TROJ_ZBOT.AJD at Trend Micro

This Trojan arrives as a file downloaded from a remote URL. Upon execution, it drops a copy of itself in the
system folder. It creates a folder with attributes System and Hidden, where it drops non-malicious files. It
creates registry entries to enable its automatic execution at system startup. It injects itself into the
legitimate pro...

TROJ_BANKER.EBN

- TROJ_BANKER.EBN at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious Web sites. It displays an official-looking interface that prompts a user to
update electronic keys to allow transactions on the Banco Bradesco Web site. Below is a screenshot of the said
interface: It requ...

YahooPsw.S

- YahooPsw.S at Panda

It is designed to steal the user's login credentials to access the Yahoo Messenger. Once obtained, the
information is sent via email. It reaches the computer in a file with the icon of a bar code.
...

Troj/Bckdr-QPY

- Troj/Bckdr-QPY at Sophos

...

Troj/FakeVir-GO

- Troj/FakeVir-GO at Sophos

...

Troj/VBDown-E

- Troj/VBDown-E at Sophos

Troj/VBDown-E is a downloader Trojan for the Windows platform. The
following registry entry is created to run Troj/VBDown-E on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run <filename of the Trojan executable>
<pathname of the Troja...

Troj/VBDown-F

- Troj/VBDown-F at Sophos

...

W32/Autorun-MK

- W32/Autorun-MK at Sophos

When W32/Autorun-MK is first executed it copies itself to:
<Program Files>Microsoft Common\wuauclt.exe
W32/Autorun-MK creates the following files on attached removable storage devices:
<Root>\autorun.inf - detected as Mal/AutoInf-A ...

W32/Ceel-B

- W32/Ceel-B at Sophos

...

Troj/Agent-HZR

- Troj/Agent-HZR at Sophos

Sophos updated detection of Troj/Agent-HZR in agen-hzu.ide (published 21 October 2008 19:24 GMT)
to remove a possible misdetection originally issued in pdfex-aa.ide (published 21 October 2008 17:18 GMT).
This issue is now resolved. Please contact technical support if you require further
information....

Troj/Agent-HZU

- Troj/Agent-HZU at Sophos

...

Troj/FakeAV-FC

- Troj/FakeAV-FC at Sophos

Troj/FakeAV-FC is a Trojan for the Windows platform that drops a file detected as Mal/EncPk-CZ.
...

Troj/Agent-HZI

- Troj/Agent-HZI at Sophos

...

[10/22/2008 05:03]



Virus Malware and Threat News for 20081020



Troj/Agent-HYP

- Troj/Agent-HYP at Sophos

...

Troj/Agent-HYQ

- Troj/Agent-HYQ at Sophos

...

Troj/Dloadr-BWH

- Troj/Dloadr-BWH at Sophos

...

W32/Jeans-B

- W32/Jeans-B at Sophos

W32/Jeans-B copies itself to removable drives as imagenes.exe. W32/Jeans-B copies itself to:
<System32>\mexica.exe
<Temp>\mexica.exe
<Windows>\system234.exe
<Root>\imagenes.exe
W32/Jeans-B creates the registry...

Troj/Agent-HYO

- Troj/Agent-HYO at Sophos

...

Troj/Buzus-T

- Troj/Buzus-T at Sophos

...

Troj/Dloadr-BWF

- Troj/Dloadr-BWF at Sophos

...

Troj/Dloadr-BWG

- Troj/Dloadr-BWG at Sophos

...

Troj/FakeAle-IO

- Troj/FakeAle-IO at Sophos

...

Troj/Keylog-KS

- Troj/Keylog-KS at Sophos

...

Trojan-Downloader:W32/FakeAlert.BG

- Trojan-Downloader:W32/FakeAlert.BG at F-Secure

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the
files....

Trojan-Downloader:W32/Renos.GEN

- Trojan-Downloader:W32/Renos.GEN at F-Secure

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the
files....

W32.Harakit

- W32.Harakit at Norton Symantec

W32.Harakit is a worm that spreads by copying itself to network shares and removable drives. It may also
spread through instant messaging applications.
...

Infostealer.Bancos.AC

- Infostealer.Bancos.AC at Norton Symantec

Infostealer.Bancos.AC is a Trojan horse that steals information from the compromised computer.
...

TROJ_BANKER.FPF

- TROJ_BANKER.FPF at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious Web sites. Upon execution, it drops a copy of itself in the system. It modifies
the system registry to enable its automatic execution at every system startup. It tracks the Web browsing
activities on t...

TROJ_QHOST.YC

- TROJ_QHOST.YC at Trend Micro

This Trojan arrives on a system as a file dropped by another Trojan or as a file downloaded unknowingly by users
when visiting malicious sites. It modifies the affected system's HOSTS file. Modifications made to the HOSTS
file result in redirecting the user to {BLOCKED}.{BLOCKED}.91.33 whenever monitored sites are accessed. It
opens a ...

TROJ_BANLOAD.EXQ

- TROJ_BANLOAD.EXQ at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious sites. It drops several non-malicious files and a copy of itself on the affected
system. It also modifies the Windows registry such that it runs automatically at every system startup. It
monitors the I...

TROJ_ZBOT.AJC

- TROJ_ZBOT.AJC at Trend Micro

This Trojan arrives as a file downloaded from a remote URL. Upon execution, it drops a copy of itself in the
system folder. It creates a folder with attributes System and Hidden, where it drops non-malicious files. It
creates/modifies registry entries to enable its automatic execution at system startup. This Trojan injects
itself into ...

MS08-064

- MS08-064 at Panda

It is an important vulnerability in Virtual Address Descriptor Manipulation on Windows
2008/Vista/2003/XP computers, which allows local privilege escalation in the vulnerable computer.
...

MS08-063

- MS08-063 at Panda

It is an important vulnerability in the Server Message Block (SMB) on Windows 2008/Vista/XP/2000, which
allows hackers to gain remote control of the affected computer with the same privileges as the logged on user.
...

Troj/Dloadr-BWI

- Troj/Dloadr-BWI at Sophos

...

Troj/PWS-AUQ

- Troj/PWS-AUQ at Sophos

...

Troj/BHODrop-D

- Troj/BHODrop-D at Sophos

...

W32/Autorun-MF

- W32/Autorun-MF at Sophos

...

Packed.Generic.193

- Packed.Generic.193 at Norton Symantec

Packed.Generic.193 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

MS08-066

- MS08-066 at Panda

It is an important vulnerability in the Ancillary Function Driver on Windows 2003/XP computers,
which allows local privilege escalation in the vulnerable computer.
...

MS08-065

- MS08-065 at Panda

It is an important vulnerability in the Message Queuing Service on Windows 2000, which allows hackers to gain
remote control of the affected computer with the same privileges as the logged on user.
...

Troj/Agent-HZB

- Troj/Agent-HZB at Sophos

...

Troj/Agent-HZC

- Troj/Agent-HZC at Sophos

...

Troj/Agent-HZD

- Troj/Agent-HZD at Sophos

...

Troj/Dldr-Q

- Troj/Dldr-Q at Sophos

...

Troj/Dloadr-BWL

- Troj/Dloadr-BWL at Sophos

...

Troj/Dloadr-BWM

- Troj/Dloadr-BWM at Sophos

...

Troj/VBDrop-I

- Troj/VBDrop-I at Sophos

...

W32/Fanbot-I

- W32/Fanbot-I at Sophos

W32/Fanbot-I is a worm for the Windows platform. W32/Fanbot-I includes
functionality to access the internet and communicate with a remote server via HTTP.
When first run W32/Fanbot-I copies itself to <System>\llwzjy081019.exe and creates the following files:
...

Mal/StartPa-D

- Mal/StartPa-D at Sophos

...

[10/21/2008 04:58]



Virus Malware and Threat News for 20081019



Troj/Dloadr-BWD

- Troj/Dloadr-BWD at Sophos

...

Troj/Dloadr-BWE

- Troj/Dloadr-BWE at Sophos

...

Troj/PSW-FW

- Troj/PSW-FW at Sophos

Troj/PSW-FW is a Trojan for the Windows platform.
...

Troj/Agent-HYJ

- Troj/Agent-HYJ at Sophos

...

Troj/Agent-HYK

- Troj/Agent-HYK at Sophos

...

Troj/Agent-HYL

- Troj/Agent-HYL at Sophos

...

Troj/Agent-HYM

- Troj/Agent-HYM at Sophos

...

Troj/Bancos-BEP

- Troj/Bancos-BEP at Sophos

...

Troj/Dloadr-BWB

- Troj/Dloadr-BWB at Sophos

...

Troj/Dloadr-BWC

- Troj/Dloadr-BWC at Sophos

...

Troj/Agent-HYP

- Troj/Agent-HYP at Sophos

...

Troj/Agent-HYQ

- Troj/Agent-HYQ at Sophos

...

Troj/Dloadr-BWH

- Troj/Dloadr-BWH at Sophos

...

W32/Jeans-B

- W32/Jeans-B at Sophos

W32/Jeans-B copies itself to removable drives as imagenes.exe. W32/Jeans-B copies itself to:
<System32>\mexica.exe
<Temp>\mexica.exe
<Windows>\system234.exe
<Root>\imagenes.exe
W32/Jeans-B creates the registry...

Troj/Agent-HYO

- Troj/Agent-HYO at Sophos

...

Troj/Buzus-T

- Troj/Buzus-T at Sophos

...

Troj/Dloadr-BWF

- Troj/Dloadr-BWF at Sophos

...

Troj/Dloadr-BWG

- Troj/Dloadr-BWG at Sophos

...

Troj/FakeAle-IO

- Troj/FakeAle-IO at Sophos

...

Troj/Keylog-KS

- Troj/Keylog-KS at Sophos

...

Trojan-Downloader:W32/FakeAlert.BG

- Trojan-Downloader:W32/FakeAlert.BG at F-Secure

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the
files....

Trojan-Downloader:W32/Renos.GEN

- Trojan-Downloader:W32/Renos.GEN at F-Secure

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the
files....

W32.Harakit

- W32.Harakit at Norton Symantec

W32.Harakit is a worm that spreads by copying itself to network shares and removable drives. It may also
spread through instant messaging applications.
...

Infostealer.Bancos.AC

- Infostealer.Bancos.AC at Norton Symantec

Infostealer.Bancos.AC is a Trojan horse that steals information from the compromised computer.
...

TROJ_BANKER.FPF

- TROJ_BANKER.FPF at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious Web sites. Upon execution, it drops a copy of itself in the system. It modifies
the system registry to enable its automatic execution at every system startup. It tracks the Web browsing
activities on t...

TROJ_QHOST.YC

- TROJ_QHOST.YC at Trend Micro

This Trojan arrives on a system as a file dropped by another Trojan or as a file downloaded unknowingly by users
when visiting malicious sites. It modifies the affected system's HOSTS file. Modifications made to the HOSTS
file result in redirecting the user to {BLOCKED}.{BLOCKED}.91.33 whenever monitored sites are accessed. It
opens a ...

TROJ_BANLOAD.EXQ

- TROJ_BANLOAD.EXQ at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious sites. It drops several non-malicious files and a copy of itself on the affected
system. It also modifies the Windows registry such that it runs automatically at every system startup. It
monitors the I...

TROJ_ZBOT.AJC

- TROJ_ZBOT.AJC at Trend Micro

This Trojan arrives as a file downloaded from a remote URL. Upon execution, it drops a copy of itself in the
system folder. It creates a folder with attributes System and Hidden, where it drops non-malicious files. It
creates/modifies registry entries to enable its automatic execution at system startup. This Trojan injects
itself into ...

MS08-064

- MS08-064 at Panda

It is an important vulnerability in Virtual Address Descriptor Manipulation on Windows
2008/Vista/2003/XP computers, which allows local privilege escalation in the vulnerable computer.
...

MS08-063

- MS08-063 at Panda

It is an important vulnerability in the Server Message Block (SMB) on Windows 2008/Vista/XP/2000, which
allows hackers to gain remote control of the affected computer with the same privileges as the logged on user.
...

Troj/Dloadr-BWI

- Troj/Dloadr-BWI at Sophos

...

Troj/PWS-AUQ

- Troj/PWS-AUQ at Sophos

...

Troj/BHODrop-D

- Troj/BHODrop-D at Sophos

...

W32/Autorun-MF

- W32/Autorun-MF at Sophos

...

[10/20/2008 13:20]



Virus Malware and Threat News for 20081018



Worm:W32/AutoRun.NOI

- Worm:W32/AutoRun.NOI at F-Secure

AutoRun worm....

AntivirusPlasma

- AntivirusPlasma at Norton Symantec

Behavior

AntivirusPlasma is a misleading application that may give exaggerated reports of threats on the
computer....

Generic PWS.y!BECB677F

- Generic PWS.y!BECB677F at McAfee

File Property | Property Value
FileName | sample.exe
McAfee Detection | Generic PWS.y
Length | 491,747 bytes
CRC | BECB677F
MD5 | F691CD46F79280DB4413B7C4F2A6D723
SHA1 | E24E548A4DF4F259ED36F9F4499AED5740EE0FF1

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | Win32/NSAnti
Avira | TR/Crypt.XPACK.Gen
BitDefender | Trojan.Crypt.Delf.AF
FortiNet | PossibleT...

PWS-OnlineGames.a!004815F5

- PWS-OnlineGames.a!004815F5 at McAfee

File Property | Property Value
FileName | 100_24~1.exe
McAfee Detection | PWS-OnlineGames.a
Length | 185,344 bytes
CRC | 004815F5
MD5 | 331445DDD2AC092B93119EF58EBB7190
SHA1 | B6142421911777E951752CBDBFCDB2F2122EFEC3

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | Win32/NSAnti
Avira | TR/Crypt.XPACK.Gen
BitDefender | Trojan.Crypt.Delf.AF
eSafe (Alla...

W32/Autorun.worm.gen!8245B440

- W32/Autorun.worm.gen!8245B440 at McAfee

File Property | Property Value
FileName | msdump~1.exe
McAfee Detection | W32/Autorun.worm.gen
Length | 176,128 bytes
CRC | 8245B440
MD5 | 53AE033EA4EBE6DA479161AE753C9D44
SHA1 | 0C9B6DBB0E901DC7E1C8D38AC0A82EEEAF6CBC0D

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | Generic8.MVD
Kaspersky | Worm.Win32.AutoRun.apc
norman | sandbox: w32/malware
panda...

Generic PUP.x!06F91978

- Generic PUP.x!06F91978 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.x!950EAFC0

- Generic PUP.x!950EAFC0 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

Generic PUP.x!92773562

- Generic PUP.x!92773562 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

Generic PUP.x!736F1308

- Generic PUP.x!736F1308 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

Generic Downloader.x!68E386BD

- Generic Downloader.x!68E386BD at McAfee

File Property | Property Value
FileName | mscode~1.exe
McAfee Detection | Generic Downloader.x
Length | 29,189 bytes
CRC | 68E386BD
MD5 | 22889E7F20167DE87BC4F2215B3806F1
SHA1 | 9480FE902F1C1807BC1F8994E2633AE75F610359

Other Common Detection Aliases

Company Name | Detection Name
AVG (GriSoft) | Downloader.Generic7.BAKF
norman | w32/dloader.kfbl
Symantec | Downloader

Other detec...

MS08-062

- MS08-062 at Panda

It is an important vulnerability in the Windows Internet Printing Service on Windows 2008/Vista/XP/2000, which
allows hackers to gain remote control of the affected computer with the same privileges as the logged on user.
...

APop.A

- APop.A at Panda

It opens several advertising websites with Internet Explorer and a web page from which eMule can be
downloaded. If it is installed, the adware program detected as Navipromo is also installed alongside the
program. It does not spread automatically by its own means.
...

Troj/Agent-HYG

- Troj/Agent-HYG at Sophos

...

Troj/Agent-HYH

- Troj/Agent-HYH at Sophos

...

Troj/ASP-D

- Troj/ASP-D at Sophos

...

Troj/Dloadr-BWA

- Troj/Dloadr-BWA at Sophos

...

Troj/Bancban-RA

- Troj/Bancban-RA at Sophos

Troj/Bancban-RA is a Trojan for the Windows platform. When Troj/Bancban-RA
is installed the following files are created:
<Program Files>\winrar\14m.exe - detected as Troj/Lineag-CU
<Program Files>\winrar\14m.txt - garbage data file
<Program...

W32/Acespade-A

- W32/Acespade-A at Sophos

W32/Acespade-A is a shortcut file overwriting virus. W32/Acespade-A
searches for files with a LNK extension and replaces them, usually with a copy of itself. The original file is
often called "[ ace of spades ].lnk".
...

Mal/Pushdo-C

- Mal/Pushdo-C at Sophos

Mal/Pushdo-C is a family of Trojans for the Windows platform. Members of
Mal/Pushdo-C typically attempt to drop files and to load other files directly into memory that are detected as
Troj/Pushu-Gen....

Troj/Agent-HYA

- Troj/Agent-HYA at Sophos

Troj/Agent-HYA is a Trojan for the Windows platform. Troj/Agent-HYA may
install a new version of the file <System>\msxml71.dll. Registry entries are
created under: HKCR\XML.
XML...

Troj/Agent-HYB

- Troj/Agent-HYB at Sophos

Troj/Agent-HYB is a Trojan for the Windows platform. When Troj/Agent-HYB is
installed it creates the file <Temp>\1.tmp.bat.
...

Troj/Dloadr-BWD

- Troj/Dloadr-BWD at Sophos

...

Troj/Dloadr-BWE

- Troj/Dloadr-BWE at Sophos

...

Troj/PSW-FW

- Troj/PSW-FW at Sophos

Troj/PSW-FW is a Trojan for the Windows platform.
...

Troj/Agent-HYJ

- Troj/Agent-HYJ at Sophos

...

Troj/Agent-HYK

- Troj/Agent-HYK at Sophos

...

Troj/Agent-HYL

- Troj/Agent-HYL at Sophos

...

Troj/Agent-HYM

- Troj/Agent-HYM at Sophos

...

Troj/Bancos-BEP

- Troj/Bancos-BEP at Sophos

...

Troj/Dloadr-BWB

- Troj/Dloadr-BWB at Sophos

...

Troj/Dloadr-BWC

- Troj/Dloadr-BWC at Sophos

...

0 writebacks [10/19/2008 05:08] [] permanent link



Virus Malware and Threat News for 20081017



Net-Worm:W32/Koobface.BM

- Net-Worm:W32/Koobface.BM at F-Secure

A type of worm that replicates by sending complete, independent copies of itself over a network.
...

Bloodhound.Exploit.211

- Bloodhound.Exploit.211 at Norton Symantec

Bloodhound.Exploit.211 is a heuristic definition for files that attempt to exploit Microsoft Excel BIFF File
Format Parsing Remote Code Execution Vulnerability (BID 31705).
...

Bloodhound.Exploit.210

- Bloodhound.Exploit.210 at Norton Symantec

Bloodhound.Exploit.210 is a heuristic detection for files attempting to exploit Microsoft Internet Explorer
Uninitialized Object Remote Memory Corruption Vulnerability (BID 31617).
...

Bloodhound.Exploit.209

- Bloodhound.Exploit.209 at Norton Symantec

Bloodhound.Exploit.209 is a heuristic detection for files attempting to exploit Microsoft Internet Explorer
HTML Objects Uninitialized Memory Corruption Vulnerability (BID 31618).
...

Backdoor.Bifrose.M

- Backdoor.Bifrose.M at Norton Symantec

Backdoor.Bifrose.M is a Trojan horse that opens a back door on the compromised computer.
...

Trojan.Konov.A

- Trojan.Konov.A at Norton Symantec

Trojan.Konov.A is a Trojan horse that sends premium rate SMS messages to a predetermined number.
...

Generic.dx!F6618B9F

- Generic.dx!F6618B9F at McAfee

File properties (File Property: Property Value): FileName: roadru~1.exe; McAfee Detection: Generic.dx; Length: 669,696 bytes; CRC: F6618B9F; MD5: 8179F19906CB596C4C43F75E208FEAD6; SHA1: 4F8BA690BF937539DB505A8C130D1331B33AC0BD
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Trojan-gen {Other}; AVG (GriSoft): Generic10.ALHA; BitDefender: Trojan.Generic.787839; Dr.Web: ~BA...

MWS!98015935

- MWS!98015935 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

MWS!48D94CA6

- MWS!48D94CA6 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Boaxxe.dll!D4188E19

- Boaxxe.dll!D4188E19 at McAfee

Avert® Labs has observed the following system activities:
Activity: Registers DLLs; Risk Level: Informational
System Changes: These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
%SystemDir% = \WINDOWS\SYSTEM (Windo...

Boaxxe.dr!40694005

- Boaxxe.dr!40694005 at McAfee

File properties (File Property: Property Value): FileName: 025e282c.exe; McAfee Detection: Boaxxe.dr; Length: 115,200 bytes; CRC: 40694005; MD5: 025E282C02C3E46AEB6406D39BD688E5; SHA1: 494335DD00AB6820C74B55AB9DD6EBDD0B2518E9
Other Common Detection Aliases (Company Name: Detection Name): Avira: TR.Pakes.JVM; BitDefender: Trojan.Boaxxe.K; Kaspersky: Trojan.Win32.Pakes.jvm; microsoft: TrojanDropper:W...

Generic.dx!CD049814

- Generic.dx!CD049814 at McAfee

File properties (File Property: Property Value): FileName: xp_ant~1.exe; McAfee Detection: Generic.dx; Length: 431,258 bytes; CRC: CD049814; MD5: F2B1C764BE5FA127A682869A72A75333; SHA1: 659CB2065BEBFDAB79F298C57C8901E8099A79A9
Other Common Detection Aliases (Company Name: Detection Name): Avira: TR/Dldr.FraudLoa.NC; BitDefender: Trojan.Dropper.Delf.Crypt.G; EMSI Software: Trojan.Win32.Obfuscate...

PWS-OnlineGames.cp!111BCBED

- PWS-OnlineGames.cp!111BCBED at McAfee

File properties (File Property: Property Value): FileName: zz.exe; McAfee Detection: PWS-OnlineGames.cp; Length: 121,856 bytes; CRC: 111BCBED; MD5: B36741DD6EA987BB268E89772F60BF4A; SHA1: 6134F8752ECF97BB6133AC80ED7560B45FFC3860
Other Common Detection Aliases (Company Name: Detection Name): microsoft: pws:win32/onlinegames.er
Avert® Labs has observed the following system activities: Ac...

PWS-Mmorpg.gen!4FE0A1BA

- PWS-Mmorpg.gen!4FE0A1BA at McAfee

File properties (File Property: Property Value): FileName: ckvo.exe; McAfee Detection: PWS-Mmorpg.gen; Length: 104,028 bytes; CRC: 4FE0A1BA; MD5: E87942A0B27B6488499D1D0FD860EB3D; SHA1: 0936A5CBB873A4CF588DC3034388A3A29412CA30
Other Common Detection Aliases (Company Name: Detection Name): AVG (GriSoft): PSW.OnlineGames.2.S; Avira: TR/Crypt.XPACK.Gen; Dr.Web: Trojan.PWS.Wsgame.4983; eSafe (Alladin...

Tibs-Packed!ADC6C5FC

- Tibs-Packed!ADC6C5FC at McAfee

File properties (File Property: Property Value): FileName: tt1dd~1.exe; McAfee Detection: Tibs-Packed; Length: 1,641,505 bytes; CRC: ADC6C5FC; MD5: 6022BDBC57004CFBE216C2A26F8E491B; SHA1: B9DFE43F78A2E54D4CFF374600566A9B4C800FC1
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Adware-gen [Adw]; Avira: BDS/Frauder.LE; BitDefender: Trojan.FakeAV.CI; clamav: Trojan.Peed.IG; Dr...

PWS-OnlineGames.ce!E8A7A7BB

- PWS-OnlineGames.ce!E8A7A7BB at McAfee

File properties (File Property: Property Value): FileName: zt.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 17,035 bytes; CRC: E8A7A7BB; MD5: E53E5657FEDDA387481DC09F90CF795A; SHA1: AA8AB4B3F22C9A26E132012A073B48EBABFF71E7
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:OnLineGames-EZD [Trj]; Avira: TR/Dropper.Gen; BitDefender: T...

PWS-OnlineGames.ce!22353348

- PWS-OnlineGames.ce!22353348 at McAfee

File properties (File Property: Property Value): FileName: wmsjxm.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 14,705 bytes; CRC: 22353348; MD5: 5087369FDFEEE35A560A6777BA0B60EF; SHA1: 12ACA73B5D1A1D5B7D7BF61C28699214E9B40A56
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:OnLineGames-FAG [Trj]; Avira: TR/Dropper.Gen; BitDefen...

PWS-OnlineGames.ce!D9A46EC7

- PWS-OnlineGames.ce!D9A46EC7 at McAfee

File properties (File Property: Property Value): FileName: wl.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 14,278 bytes; CRC: D9A46EC7; MD5: 453A2984AC2143B747BBBC3DA9046BFF; SHA1: 50985CA48E9A4482A9A4B0F5F7352DB59B55F2DB
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:OnLineGames-EZD [Trj]; Avira: TR/Dropper.Gen; BitDefender: T...

PWS-Mmorpg.gen!91308C55

- PWS-Mmorpg.gen!91308C55 at McAfee

File properties (File Property: Property Value): FileName: tl.exe; McAfee Detection: PWS-Mmorpg.gen; Length: 19,681 bytes; CRC: 91308C55; MD5: ADB93A151B91A2D1E4C5B21B3C8244F5; SHA1: 4BBC81D257D6C66D90AE2763EC0AA488B3F06821
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:Trojan-gen {Other}; Avira: TR/PSW.Online.aklt; BitDefender: MemS...

PWS-Mmorpg.gen!351EF365

- PWS-Mmorpg.gen!351EF365 at McAfee

File properties (File Property: Property Value): FileName: qqsuoxin.exe; McAfee Detection: PWS-Mmorpg.gen; Length: 17,825 bytes; CRC: 351EF365; MD5: AA0F99CAB232BF6BE6CB22F09A4B0372; SHA1: 6D5CD40336C03959B2110BCD030A12B44F9E3FB4
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:Trojan-gen {Other}; Avira: TR/Spy.Agent.nxa; BitDefender...

PWS-OnlineGames.ce!CD2B6E97

- PWS-OnlineGames.ce!CD2B6E97 at McAfee

File properties (File Property: Property Value): FileName: rxjh.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 14,586 bytes; CRC: CD2B6E97; MD5: BB4198D696BE91F4B91CAE5D6743669C; SHA1: 20F306C5C367D7C2CCEBF79C0B6E7EDD85707817
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:OnLineGames-EZD [Trj]; Avira: TR/Dropper.Gen; BitDefende...

Generic PWS.y!702E3B7E

- Generic PWS.y!702E3B7E at McAfee

File properties (File Property: Property Value): FileName: mh.exe; McAfee Detection: Generic PWS.y; Length: 11,024 bytes; CRC: 702E3B7E; MD5: 2809691A60B290064291EF90E224686E; SHA1: 2A237CB99F40BB6C7C8C363CC40E7F8501EB9EAA
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Trojan-gen {Other}; AVG (GriSoft): psw.onlinegames.bapy; Avira: TR/Dropper.Gen; BitDefender: Dropped:G...

PWS-OnlineGames.ce!FCF03F37

- PWS-OnlineGames.ce!FCF03F37 at McAfee

File properties (File Property: Property Value): FileName: kdxy.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 14,332 bytes; CRC: FCF03F37; MD5: 4FCAE10127CCD9643F21C1B1224FDABF; SHA1: ED21A82D6E6C732A3F7D9F1AAC13807501EBA2DC
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:Trojan-gen {Other}; AVG (GriSoft): psw.generic6.aiwb; Av...

PWS-OnlineGames.bj!2373039E

- PWS-OnlineGames.bj!2373039E at McAfee

File properties (File Property: Property Value): FileName: jz.exe; McAfee Detection: PWS-OnlineGames.bj; Length: 13,312 bytes; CRC: 2373039E; MD5: FC6250A16F5AC4D90EB9CB9AFC28CD91; SHA1: F15C9F91ED84807D339DC8E1F1962EA8E8AD99AA
Other Common Detection Aliases (Company Name: Detection Name): Symantec: Infostealer.Gampass; Trend Micro: Mal_OLGM-15
Avert® Labs has observed the following syste...

PWS-OnlineGames.ce!8392C2FB

- PWS-OnlineGames.ce!8392C2FB at McAfee

File properties (File Property: Property Value): FileName: jxsj.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 14,130 bytes; CRC: 8392C2FB; MD5: 5C3B30A196CC317590CA00E527548D6E; SHA1: 706E031CA60CBF63512FD7DEA2CC0258C7EB169E
Other Common Detection Aliases (Company Name: Detection Name): norman: w32/packed_upack.a; Symantec: Infostealer.Gampass; Trend Micro: Cryp_Mangled
Avert® Labs has o...

PWS-OnlineGames.bp!B44E313E

- PWS-OnlineGames.bp!B44E313E at McAfee

File properties (File Property: Property Value): FileName: cs1.exe; McAfee Detection: PWS-OnlineGames.bp; Length: 11,776 bytes; CRC: B44E313E; MD5: C211F0CC63CFFB8B6DD29806CA726855; SHA1: 6E91238D396DEC49CCE86BB95D15E13C6E7374C0
Other Common Detection Aliases (Company Name: Detection Name): norman: w32/onlinegames.camv; Symantec: Infostealer.Gampass
Avert® Labs has observed the following ...

PWS-OnlineGames.ce!D69DF654

- PWS-OnlineGames.ce!D69DF654 at McAfee

File properties (File Property: Property Value): FileName: cb.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 17,302 bytes; CRC: D69DF654; MD5: FC2521879F9F4FB887FBCC70877AD976; SHA1: 46C1A8CB6B394F108A76EC880A56214D7B4433DC
Other Common Detection Aliases (Company Name: Detection Name): norman: w32/packed_upack.a; Symantec: Infostealer.Gampass; Trend Micro: Cryp_Mangled
Avert® Labs has obs...

Generic FakeAlert.d!9189CAE8

- Generic FakeAlert.d!9189CAE8 at McAfee

File properties (File Property: Property Value): FileName: brastk.exe; McAfee Detection: Generic FakeAlert.d; Length: 10,240 bytes; CRC: 9189CAE8; MD5: 589C9AD6AD0B1BA321BFE31462AC1030; SHA1: 6CFB8A431DD6617078A1D311366AED669383984A
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Zbot-AQM [Trj]; AVG (GriSoft): Downloader.Generic7.BAEF; Avira: TR/Dldr.Agent.10240.25; Bi...

Downloader-AZN!59B86642

- Downloader-AZN!59B86642 at McAfee

File properties (File Property: Property Value): FileName: 9exe~1.exe; McAfee Detection: Downloader-AZN; Length: 38,088 bytes; CRC: 59B86642; MD5: 73D7CB8878468A1B7060800619A3C003; SHA1: D511724F062C965958662A73CE5CA8EA84B28967
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Agent-SIM [Trj]; Avira: TR/Dropper.Gen; BitDefender: Generic.Malware.SP!dldg.CAC92115; eSafe (A...

BackDoor-AWQ!EFA98F43

- BackDoor-AWQ!EFA98F43 at McAfee

File properties (File Property: Property Value): FileName: 9.exe; McAfee Detection: BackDoor-AWQ; Length: 184,371 bytes; CRC: EFA98F43; MD5: DF2B2FAA1ED731626AF02ABDD19A5D31; SHA1: D3AB0D855A8596F97DAB639B3BF4F2128DAA0E42
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/MalPacked.Gen; avast: Win32:Trojan-gen {Other}; Avira: TR/Thief.OnLineGames.togj; BitDefender: Tr...

Downloader-AZN!F997C541

- Downloader-AZN!F997C541 at McAfee

File properties (File Property: Property Value): FileName: 8exe~1.exe; McAfee Detection: Downloader-AZN; Length: 38,092 bytes; CRC: F997C541; MD5: BB4C837A5C00A98E9DB55C29C0B4A4A5; SHA1: 501F24A348C18FDFFB1883047C7DDCA793CC0B04
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Agent-SIM [Trj]; Avira: TR/Dropper.Gen; BitDefender: Generic.Malware.SP!dldg.493DEB45; eSafe (A...

Downloader-AZN!BB08966C

- Downloader-AZN!BB08966C at McAfee

File properties (File Property: Property Value): FileName: 7exe~1.exe; McAfee Detection: Downloader-AZN; Length: 38,092 bytes; CRC: BB08966C; MD5: 9AC5574F4D5350E057031A286355722C; SHA1: 656BD6F8C8EDD8F171BAB87883572DA3E91F8F17
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Agent-SIM [Trj]; Avira: TR/Dropper.Gen; BitDefender: Generic.Malware.SP!dldg.493DEB45; eSafe (A...

W32/Autorun.worm.gen!84ACA05F

- W32/Autorun.worm.gen!84ACA05F at McAfee

File properties (File Property: Property Value): FileName: 8.exe; McAfee Detection: Downloader-AZN; Length: 38,080 bytes; CRC: 84ACA05F; MD5: B82D1E0619C7664BF2F8ED8B412652AF; SHA1: EA24071A1A0E3E4045F3989E61B832732DD5FACE
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Agent-SIM [Trj]; Avira: TR/Dropper.Gen; BitDefender: Generic.Malware.SP!dldg.DDA9DB9B; eSafe (Alladi...

Downloader-AZN!CB4191E7

- Downloader-AZN!CB4191E7 at McAfee

File properties (File Property: Property Value): FileName: 6exe~1.exe; McAfee Detection: Downloader-AZN; Length: 38,072 bytes; CRC: CB4191E7; MD5: D023439AE8223ADE3B2592A76B77BF37; SHA1: 4EBC3AA0DAD958AB54A42D7BAB8C0ED4F4B0351E
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Agent-SIM [Trj]; Avira: TR/Dropper.Gen; BitDefender: Generic.Malware.SP!dldg.D518849D; eSafe (A...

Downloader-AZN!BC5F48E0

- Downloader-AZN!BC5F48E0 at McAfee

File properties (File Property: Property Value): FileName: 5exe~1.exe; McAfee Detection: Downloader-AZN; Length: 38,092 bytes; CRC: BC5F48E0; MD5: 1A0910F420421C0AED3A959EC3B9A781; SHA1: 938DBE929F42E939151AF39C20E9C272E92C4B14
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Agent-SIM [Trj]; Avira: TR/Dropper.Gen; BitDefender: Generic.Malware.SP!dldg.557C104E; eSafe (A...

WORM_OTORUN.AM

- WORM_OTORUN.AM at Trend Micro

This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be
downloaded unknowingly by a user when visiting malicious Web sites. It creates folders. It drops copies of
itself. It creates registry entries to enable its automatic execution at every system startup. It drops copies
of itself i...

TROJ_AGENT.BRQ

- TROJ_AGENT.BRQ at Trend Micro

This Trojan may be dropped by other malware. It may arrive bundled with malware packages as a malware
component. It creates registry entries to enable its automatic execution at every system startup. It also
creates registry key(s)/entry(ies) as part of its installation routine. It requires a file to be installed on
the system in orde...

WORM_AUTORUN.ASL

- WORM_AUTORUN.ASL at Trend Micro

This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be
downloaded unknowingly by a user when visiting malicious Web sites. It drops a file detected as CRYP_XED-9. It
drops copies of itself in all physical drives. It drops copies of itself in all removable drives. It drops an
AUTORUN.IN...

TROJ_ZBOT.QT

- TROJ_ZBOT.QT at Trend Micro

This Trojan arrives on the system as a file downloaded from a certain URL. It downloads a configuration file
from a remote site, which contains the list of banking-related Web sites which this Trojan will monitor. It
retrieves user account information from Web sites that are related to certain banking institutions. Gathered
information...

WORM_ONLINEG.AFU

- WORM_ONLINEG.AFU at Trend Micro

This worm may arrive via removable drives. It also propagates via removable drives. It drops an AUTORUN.INF
file to automatically execute dropped copies when the drives are accessed. It drops a file which is detected as
TSPY_OLGAME.MS. It also downloads .RAR archives, contents of which are extracted to the affected system and
detected...

TROJ_BANKER.EDN

- TROJ_BANKER.EDN at Trend Micro

...

VBS_PSYME.DJY

- VBS_PSYME.DJY at Trend Micro

This VBScript may be hosted on a Web site and run when a user accesses the said Web site. It takes advantage of
the ADODB.STREAM Object Exploit, which causes a certain file to be downloaded from the Internet. It connects to
a Web site to download a file. However, as of the time of this writing, the said Web site is currently
inaccessib...

TROJ_DROPPER.FV

- TROJ_DROPPER.FV at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting
malicious Web sites. Upon execution, it drops files. It also executes files. It stays memory resident in the
affected system and injects code. It creates registry entries to enable its automatic execution at every system
startup. It ope...

WORM_AUTORUN.CTO

- WORM_AUTORUN.CTO at Trend Micro

This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute
dropped copies when the drives are accessed. It accesses Web sites to download file(s). As a result, malicious
routines of the downloaded files are exhibited on the affected system. It bears the icon of files related to
certai...

MS08-061

- MS08-061 at Panda

It is a group of important vulnerabilities in Windows Kernel on Windows Server 2008/Vista/2003/XP/2000
computers, which allows hackers to gain local privilege escalation.
...

MS08-060

- MS08-060 at Panda

It is a critical vulnerability in the Windows Active Directory on Windows 2000 computers, which allows hackers
to gain remote control of the affected computer with the same privileges as the logged on user.
...

MS08-059

- MS08-059 at Panda

It is a critical vulnerability in the Host Integration Server RPC Service, which allows hackers to gain remote
control of the affected computer with the same privileges as the logged on user.
...

MS08-058

- MS08-058 at Panda

It is a group of vulnerabilities in Internet Explorer versions 5.01 and 6 SP1 in Windows 2000, 6 on Windows
2003/XP computers and 7 in Windows 2008/Vista/2003/XP, which allows hackers to gain remote control of the
affected computer with the same privileges as the logged on user and information to be disclosed.
...

MS08-057

- MS08-057 at Panda

It is a group of critical vulnerabilities in certain versions of Excel, which allows hackers to gain remote
control of the affected computer with the same privileges as the logged-on user.
...

Troj/Agent-HXW

- Troj/Agent-HXW at Sophos

...

Troj/Agent-HXX

- Troj/Agent-HXX at Sophos

...

Troj/RootKit-DY

- Troj/RootKit-DY at Sophos

...

Mal/Psyme-A

- Mal/Psyme-A at Sophos

Mal/Psyme-A is a malicious script that exploits an Internet Explorer vulnerability to download and
execute remote content.
...

Troj/Agent-HXV

- Troj/Agent-HXV at Sophos

...

Troj/PWS-AUK

- Troj/PWS-AUK at Sophos

...

Troj/PWS-AUL

- Troj/PWS-AUL at Sophos

...

W32/AutoRun-MB

- W32/AutoRun-MB at Sophos

...

Mal/EncPk-FP

- Mal/EncPk-FP at Sophos

Mal/EncPk-FP is a malicious packed executable file, often used by members of the Pushdo and Pushu
family of Trojans.
...

Worm:W32/AutoRun.NOI

- Worm:W32/AutoRun.NOI at F-Secure

AutoRun worm....

AntivirusPlasma

- AntivirusPlasma at Norton Symantec

Behavior: AntivirusPlasma is a misleading application that may give exaggerated reports of threats on the
computer....

Generic PWS.y!BECB677F

- Generic PWS.y!BECB677F at McAfee

File properties (File Property: Property Value): FileName: sample.exe; McAfee Detection: Generic PWS.y; Length: 491,747 bytes; CRC: BECB677F; MD5: F691CD46F79280DB4413B7C4F2A6D723; SHA1: E24E548A4DF4F259ED36F9F4499AED5740EE0FF1
Other Common Detection Aliases (Company Name: Detection Name): AVG (GriSoft): Win32/NSAnti; Avira: TR/Crypt.XPACK.Gen; BitDefender: Trojan.Crypt.Delf.AF; FortiNet: PossibleT...

PWS-OnlineGames.a!004815F5

- PWS-OnlineGames.a!004815F5 at McAfee

File properties (File Property: Property Value): FileName: 100_24~1.exe; McAfee Detection: PWS-OnlineGames.a; Length: 185,344 bytes; CRC: 004815F5; MD5: 331445DDD2AC092B93119EF58EBB7190; SHA1: B6142421911777E951752CBDBFCDB2F2122EFEC3
Other Common Detection Aliases (Company Name: Detection Name): AVG (GriSoft): Win32/NSAnti; Avira: TR/Crypt.XPACK.Gen; BitDefender: Trojan.Crypt.Delf.AF; eSafe (Alla...

W32/Autorun.worm.gen!8245B440

- W32/Autorun.worm.gen!8245B440 at McAfee

File properties (File Property: Property Value): FileName: msdump~1.exe; McAfee Detection: W32/Autorun.worm.gen; Length: 176,128 bytes; CRC: 8245B440; MD5: 53AE033EA4EBE6DA479161AE753C9D44; SHA1: 0C9B6DBB0E901DC7E1C8D38AC0A82EEEAF6CBC0D
Other Common Detection Aliases (Company Name: Detection Name): AVG (GriSoft): Generic8.MVD; Kaspersky: Worm.Win32.AutoRun.apc; norman: sandbox: w32/malware; panda...

Generic PUP.x!06F91978

- Generic PUP.x!06F91978 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.x!950EAFC0

- Generic PUP.x!950EAFC0 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

Generic PUP.x!92773562

- Generic PUP.x!92773562 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

Generic PUP.x!736F1308

- Generic PUP.x!736F1308 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

Generic Downloader.x!68E386BD

- Generic Downloader.x!68E386BD at McAfee

File properties (File Property: Property Value): FileName: mscode~1.exe; McAfee Detection: Generic Downloader.x; Length: 29,189 bytes; CRC: 68E386BD; MD5: 22889E7F20167DE87BC4F2215B3806F1; SHA1: 9480FE902F1C1807BC1F8994E2633AE75F610359
Other Common Detection Aliases (Company Name: Detection Name): AVG (GriSoft): Downloader.Generic7.BAKF; norman: w32/dloader.kfbl; Symantec: Downloader
Other detec...

MS08-062

- MS08-062 at Panda

It is an important vulnerability in the Windows Internet Printing Service on Windows 2008/Vista/XP/2000, which
allows hackers to gain remote control of the affected computer with the same privileges as the logged on user.
...

APop.A

- APop.A at Panda

It opens several advertising websites with Internet Explorer and a web page from which the emule can be
downloaded. If it is installed, besides the program, the adware program detected as Navipromo is also
installed. It does not spread automatically by its own means.
...

Troj/Agent-HYG

- Troj/Agent-HYG at Sophos

...

Troj/Agent-HYH

- Troj/Agent-HYH at Sophos

...

Troj/ASP-D

- Troj/ASP-D at Sophos

...

Troj/Dloadr-BWA

- Troj/Dloadr-BWA at Sophos

...

Troj/Bancban-RA

- Troj/Bancban-RA at Sophos

Troj/Bancban-RA is a Trojan for the Windows platform. When Troj/Bancban-RA
is installed the following files are created:
<Program Files>\winrar\14m.exe - detected as Troj/Lineag-CU
<Program Files>\winrar\14m.txt - garbage data file
<Program...

W32/Acespade-A

- W32/Acespade-A at Sophos

W32/Acespade-A is a shortcut file overwriting virus. W32/Acespade-A
searches for files with a LNK extension and replaces them, usually with a copy of itself. The original file is
often called "[ ace of spades ].lnk".
...

Mal/Pushdo-C

- Mal/Pushdo-C at Sophos

Mal/Pushdo-C is a family of Trojans for the Windows platform. Members of
Mal/Pushdo-C typically attempt to drop files and to load other files directly into memory that are detected as
Troj/Pushu-Gen....

Troj/Agent-HYA

- Troj/Agent-HYA at Sophos

Troj/Agent-HYA is a Trojan for the Windows platform. Troj/Agent-HYA may
install a new version of the file <System>\msxml71.dll. Registry entries are
created under: HKCR\XML.
XML...

Troj/Agent-HYB

- Troj/Agent-HYB at Sophos

Troj/Agent-HYB is a Trojan for the Windows platform. When Troj/Agent-HYB is
installed it creates the file <Temp>\1.tmp.bat.
...

0 writebacks [10/18/2008 05:02] [] permanent link



Virus Malware and Threat News for 20081016



Net-Worm:W32/Koobface.BM

- Net-Worm:W32/Koobface.BM at F-Secure

A type of worm that replicates by sending complete, independent copies of itself over a network.
...

Bloodhound.Exploit.211

- Bloodhound.Exploit.211 at Norton Symantec

Bloodhound.Exploit.211 is a heuristic definition for files that attempt to exploit Microsoft Excel BIFF File
Format Parsing Remote Code Execution Vulnerability (BID 31705).
...

Bloodhound.Exploit.210

- Bloodhound.Exploit.210 at Norton Symantec

Bloodhound.Exploit.210 is a heuristic detection for files attempting to exploit Microsoft Internet Explorer
Uninitialized Object Remote Memory Corruption Vulnerability (BID 31617).
...

Bloodhound.Exploit.209

- Bloodhound.Exploit.209 at Norton Symantec

Bloodhound.Exploit.209 is a heuristic detection for files attempting to exploit Microsoft Internet Explorer
HTML Objects Uninitialized Memory Corruption Vulnerability (BID 31618).
...

Backdoor.Bifrose.M

- Backdoor.Bifrose.M at Norton Symantec

Backdoor.Bifrose.M is a Trojan horse that opens a back door on the compromised computer.
...

Trojan.Konov.A

- Trojan.Konov.A at Norton Symantec

Trojan.Konov.A is a Trojan horse that sends premium rate SMS messages to a predetermined number.
...

Generic.dx!F6618B9F

- Generic.dx!F6618B9F at McAfee

File properties (File Property: Property Value): FileName: roadru~1.exe; McAfee Detection: Generic.dx; Length: 669,696 bytes; CRC: F6618B9F; MD5: 8179F19906CB596C4C43F75E208FEAD6; SHA1: 4F8BA690BF937539DB505A8C130D1331B33AC0BD
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Trojan-gen {Other}; AVG (GriSoft): Generic10.ALHA; BitDefender: Trojan.Generic.787839; Dr.Web: ~BA...

MWS!98015935

- MWS!98015935 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

MWS!48D94CA6

- MWS!48D94CA6 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Boaxxe.dll!D4188E19

- Boaxxe.dll!D4188E19 at McAfee

Avert® Labs has observed the following system activities:
Activity: Registers DLLs; Risk Level: Informational
System Changes: These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
%SystemDir% = \WINDOWS\SYSTEM (Windo...

Boaxxe.dr!40694005

- Boaxxe.dr!40694005 at McAfee

File properties (File Property: Property Value): FileName: 025e282c.exe; McAfee Detection: Boaxxe.dr; Length: 115,200 bytes; CRC: 40694005; MD5: 025E282C02C3E46AEB6406D39BD688E5; SHA1: 494335DD00AB6820C74B55AB9DD6EBDD0B2518E9
Other Common Detection Aliases (Company Name: Detection Name): Avira: TR.Pakes.JVM; BitDefender: Trojan.Boaxxe.K; Kaspersky: Trojan.Win32.Pakes.jvm; microsoft: TrojanDropper:W...

Generic.dx!CD049814

- Generic.dx!CD049814 at McAfee

File properties (File Property: Property Value): FileName: xp_ant~1.exe; McAfee Detection: Generic.dx; Length: 431,258 bytes; CRC: CD049814; MD5: F2B1C764BE5FA127A682869A72A75333; SHA1: 659CB2065BEBFDAB79F298C57C8901E8099A79A9
Other Common Detection Aliases (Company Name: Detection Name): Avira: TR/Dldr.FraudLoa.NC; BitDefender: Trojan.Dropper.Delf.Crypt.G; EMSI Software: Trojan.Win32.Obfuscate...

PWS-OnlineGames.cp!111BCBED

- PWS-OnlineGames.cp!111BCBED at McAfee

File properties (File Property: Property Value): FileName: zz.exe; McAfee Detection: PWS-OnlineGames.cp; Length: 121,856 bytes; CRC: 111BCBED; MD5: B36741DD6EA987BB268E89772F60BF4A; SHA1: 6134F8752ECF97BB6133AC80ED7560B45FFC3860
Other Common Detection Aliases (Company Name: Detection Name): microsoft: pws:win32/onlinegames.er
Avert® Labs has observed the following system activities: Ac...

PWS-Mmorpg.gen!4FE0A1BA

- PWS-Mmorpg.gen!4FE0A1BA at McAfee

File properties (File Property: Property Value): FileName: ckvo.exe; McAfee Detection: PWS-Mmorpg.gen; Length: 104,028 bytes; CRC: 4FE0A1BA; MD5: E87942A0B27B6488499D1D0FD860EB3D; SHA1: 0936A5CBB873A4CF588DC3034388A3A29412CA30
Other Common Detection Aliases (Company Name: Detection Name): AVG (GriSoft): PSW.OnlineGames.2.S; Avira: TR/Crypt.XPACK.Gen; Dr.Web: Trojan.PWS.Wsgame.4983; eSafe (Alladin...

Tibs-Packed!ADC6C5FC

- Tibs-Packed!ADC6C5FC at McAfee

File properties (File Property: Property Value): FileName: tt1dd~1.exe; McAfee Detection: Tibs-Packed; Length: 1,641,505 bytes; CRC: ADC6C5FC; MD5: 6022BDBC57004CFBE216C2A26F8E491B; SHA1: B9DFE43F78A2E54D4CFF374600566A9B4C800FC1
Other Common Detection Aliases (Company Name: Detection Name): avast: Win32:Adware-gen [Adw]; Avira: BDS/Frauder.LE; BitDefender: Trojan.FakeAV.CI; clamav: Trojan.Peed.IG; Dr...

PWS-OnlineGames.ce!E8A7A7BB

- PWS-OnlineGames.ce!E8A7A7BB at McAfee

File properties (File Property: Property Value): FileName: zt.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 17,035 bytes; CRC: E8A7A7BB; MD5: E53E5657FEDDA387481DC09F90CF795A; SHA1: AA8AB4B3F22C9A26E132012A073B48EBABFF71E7
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:OnLineGames-EZD [Trj]; Avira: TR/Dropper.Gen; BitDefender: T...

PWS-OnlineGames.ce!22353348

- PWS-OnlineGames.ce!22353348 at McAfee

File properties (File Property: Property Value): FileName: wmsjxm.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 14,705 bytes; CRC: 22353348; MD5: 5087369FDFEEE35A560A6777BA0B60EF; SHA1: 12ACA73B5D1A1D5B7D7BF61C28699214E9B40A56
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:OnLineGames-FAG [Trj]; Avira: TR/Dropper.Gen; BitDefen...

PWS-OnlineGames.ce!D9A46EC7

- PWS-OnlineGames.ce!D9A46EC7 at McAfee

File properties (File Property: Property Value): FileName: wl.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 14,278 bytes; CRC: D9A46EC7; MD5: 453A2984AC2143B747BBBC3DA9046BFF; SHA1: 50985CA48E9A4482A9A4B0F5F7352DB59B55F2DB
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:OnLineGames-EZD [Trj]; Avira: TR/Dropper.Gen; BitDefender: T...

PWS-Mmorpg.gen!91308C55

- PWS-Mmorpg.gen!91308C55 at McAfee

File properties (File Property: Property Value): FileName: tl.exe; McAfee Detection: PWS-Mmorpg.gen; Length: 19,681 bytes; CRC: 91308C55; MD5: ADB93A151B91A2D1E4C5B21B3C8244F5; SHA1: 4BBC81D257D6C66D90AE2763EC0AA488B3F06821
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:Trojan-gen {Other}; Avira: TR/PSW.Online.aklt; BitDefender: MemS...

PWS-Mmorpg.gen!351EF365

- PWS-Mmorpg.gen!351EF365 at McAfee

File properties (File Property: Property Value): FileName: qqsuoxin.exe; McAfee Detection: PWS-Mmorpg.gen; Length: 17,825 bytes; CRC: 351EF365; MD5: AA0F99CAB232BF6BE6CB22F09A4B0372; SHA1: 6D5CD40336C03959B2110BCD030A12B44F9E3FB4
Other Common Detection Aliases (Company Name: Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:Trojan-gen {Other}; Avira: TR/Spy.Agent.nxa; BitDefender...

PWS-OnlineGames.ce!CD2B6E97

- PWS-OnlineGames.ce!CD2B6E97 at McAfee

File Property | Property Value
FileName | rxjh.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,586 bytes
CRC | CD2B6E97
MD5 | BB4198D696BE91F4B91CAE5D6743669C
SHA1 | 20F306C5C367D7C2CCEBF79C0B6E7EDD85707817

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:OnLineGames-EZD [Trj]
Avira | TR/Dropper.Gen
BitDefende...

Generic PWS.y!702E3B7E

- Generic PWS.y!702E3B7E at McAfee

File Property | Property Value
FileName | mh.exe
McAfee Detection | Generic PWS.y
Length | 11,024 bytes
CRC | 702E3B7E
MD5 | 2809691A60B290064291EF90E224686E
SHA1 | 2A237CB99F40BB6C7C8C363CC40E7F8501EB9EAA

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | psw.onlinegames.bapy
Avira | TR/Dropper.Gen
BitDefender | Dropped:G...

PWS-OnlineGames.ce!FCF03F37

- PWS-OnlineGames.ce!FCF03F37 at McAfee

File Property | Property Value
FileName | kdxy.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,332 bytes
CRC | FCF03F37
MD5 | 4FCAE10127CCD9643F21C1B1224FDABF
SHA1 | ED21A82D6E6C732A3F7D9F1AAC13807501EBA2DC

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | psw.generic6.aiwb
Av...

PWS-OnlineGames.bj!2373039E

- PWS-OnlineGames.bj!2373039E at McAfee

File Property | Property Value
FileName | jz.exe
McAfee Detection | PWS-OnlineGames.bj
Length | 13,312 bytes
CRC | 2373039E
MD5 | FC6250A16F5AC4D90EB9CB9AFC28CD91
SHA1 | F15C9F91ED84807D339DC8E1F1962EA8E8AD99AA

Other Common Detection Aliases
Company Name | Detection Name
Symantec | Infostealer.Gampass
Trend Micro | Mal_OLGM-15

Avert® Labs has observed the following syste...

PWS-OnlineGames.ce!8392C2FB

- PWS-OnlineGames.ce!8392C2FB at McAfee

File Property | Property Value
FileName | jxsj.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,130 bytes
CRC | 8392C2FB
MD5 | 5C3B30A196CC317590CA00E527548D6E
SHA1 | 706E031CA60CBF63512FD7DEA2CC0258C7EB169E

Other Common Detection Aliases
Company Name | Detection Name
norman | w32/packed_upack.a
Symantec | Infostealer.Gampass
Trend Micro | Cryp_Mangled

Avert® Labs has o...

PWS-OnlineGames.bp!B44E313E

- PWS-OnlineGames.bp!B44E313E at McAfee

File Property | Property Value
FileName | cs1.exe
McAfee Detection | PWS-OnlineGames.bp
Length | 11,776 bytes
CRC | B44E313E
MD5 | C211F0CC63CFFB8B6DD29806CA726855
SHA1 | 6E91238D396DEC49CCE86BB95D15E13C6E7374C0

Other Common Detection Aliases
Company Name | Detection Name
norman | w32/onlinegames.camv
Symantec | Infostealer.Gampass

Avert® Labs has observed the following ...

PWS-OnlineGames.ce!D69DF654

- PWS-OnlineGames.ce!D69DF654 at McAfee

File Property | Property Value
FileName | cb.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 17,302 bytes
CRC | D69DF654
MD5 | FC2521879F9F4FB887FBCC70877AD976
SHA1 | 46C1A8CB6B394F108A76EC880A56214D7B4433DC

Other Common Detection Aliases
Company Name | Detection Name
norman | w32/packed_upack.a
Symantec | Infostealer.Gampass
Trend Micro | Cryp_Mangled

Avert® Labs has obs...

Generic FakeAlert.d!9189CAE8

- Generic FakeAlert.d!9189CAE8 at McAfee

File Property | Property Value
FileName | brastk.exe
McAfee Detection | Generic FakeAlert.d
Length | 10,240 bytes
CRC | 9189CAE8
MD5 | 589C9AD6AD0B1BA321BFE31462AC1030
SHA1 | 6CFB8A431DD6617078A1D311366AED669383984A

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Zbot-AQM [Trj]
AVG (GriSoft) | Downloader.Generic7.BAEF
Avira | TR/Dldr.Agent.10240.25
Bi...

Downloader-AZN!59B86642

- Downloader-AZN!59B86642 at McAfee

File Property | Property Value
FileName | 9exe~1.exe
McAfee Detection | Downloader-AZN
Length | 38,088 bytes
CRC | 59B86642
MD5 | 73D7CB8878468A1B7060800619A3C003
SHA1 | D511724F062C965958662A73CE5CA8EA84B28967

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-SIM [Trj]
Avira | TR/Dropper.Gen
BitDefender | Generic.Malware.SP!dldg.CAC92115
eSafe (A...

BackDoor-AWQ!EFA98F43

- BackDoor-AWQ!EFA98F43 at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | BackDoor-AWQ
Length | 184,371 bytes
CRC | EFA98F43
MD5 | DF2B2FAA1ED731626AF02ABDD19A5D31
SHA1 | D3AB0D855A8596F97DAB639B3BF4F2128DAA0E42

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Trojan-gen {Other}
Avira | TR/Thief.OnLineGames.togj
BitDefender | Tr...

Downloader-AZN!F997C541

- Downloader-AZN!F997C541 at McAfee

File Property | Property Value
FileName | 8exe~1.exe
McAfee Detection | Downloader-AZN
Length | 38,092 bytes
CRC | F997C541
MD5 | BB4C837A5C00A98E9DB55C29C0B4A4A5
SHA1 | 501F24A348C18FDFFB1883047C7DDCA793CC0B04

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-SIM [Trj]
Avira | TR/Dropper.Gen
BitDefender | Generic.Malware.SP!dldg.493DEB45
eSafe (A...

Downloader-AZN!BB08966C

- Downloader-AZN!BB08966C at McAfee

File Property | Property Value
FileName | 7exe~1.exe
McAfee Detection | Downloader-AZN
Length | 38,092 bytes
CRC | BB08966C
MD5 | 9AC5574F4D5350E057031A286355722C
SHA1 | 656BD6F8C8EDD8F171BAB87883572DA3E91F8F17

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-SIM [Trj]
Avira | TR/Dropper.Gen
BitDefender | Generic.Malware.SP!dldg.493DEB45
eSafe (A...

W32/Autorun.worm.gen!84ACA05F

- W32/Autorun.worm.gen!84ACA05F at McAfee

File Property | Property Value
FileName | 8.exe
McAfee Detection | Downloader-AZN
Length | 38,080 bytes
CRC | 84ACA05F
MD5 | B82D1E0619C7664BF2F8ED8B412652AF
SHA1 | EA24071A1A0E3E4045F3989E61B832732DD5FACE

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-SIM [Trj]
Avira | TR/Dropper.Gen
BitDefender | Generic.Malware.SP!dldg.DDA9DB9B
eSafe (Alladi...

Downloader-AZN!CB4191E7

- Downloader-AZN!CB4191E7 at McAfee

File Property | Property Value
FileName | 6exe~1.exe
McAfee Detection | Downloader-AZN
Length | 38,072 bytes
CRC | CB4191E7
MD5 | D023439AE8223ADE3B2592A76B77BF37
SHA1 | 4EBC3AA0DAD958AB54A42D7BAB8C0ED4F4B0351E

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-SIM [Trj]
Avira | TR/Dropper.Gen
BitDefender | Generic.Malware.SP!dldg.D518849D
eSafe (A...

Downloader-AZN!BC5F48E0

- Downloader-AZN!BC5F48E0 at McAfee

File Property | Property Value
FileName | 5exe~1.exe
McAfee Detection | Downloader-AZN
Length | 38,092 bytes
CRC | BC5F48E0
MD5 | 1A0910F420421C0AED3A959EC3B9A781
SHA1 | 938DBE929F42E939151AF39C20E9C272E92C4B14

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-SIM [Trj]
Avira | TR/Dropper.Gen
BitDefender | Generic.Malware.SP!dldg.557C104E
eSafe (A...

WORM_OTORUN.AM

- WORM_OTORUN.AM at Trend Micro

This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be
downloaded unknowingly by a user when visiting malicious Web sites. It creates folders. It drops copies of
itself. It creates registry entries to enable its automatic execution at every system startup. It drops copies
of itself i...

TROJ_AGENT.BRQ

- TROJ_AGENT.BRQ at Trend Micro

This Trojan may be dropped by other malware. It may arrive bundled with malware packages as a malware
component. It creates registry entries to enable its automatic execution at every system startup. It also
creates registry key(s)/entry(ies) as part of its installation routine. It requires a file to be installed on
the system in orde...

WORM_AUTORUN.ASL

- WORM_AUTORUN.ASL at Trend Micro

This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be
downloaded unknowingly by a user when visiting malicious Web sites. It drops a file detected as CRYP_XED-9. It
drops copies of itself in all physical drives. It drops copies of itself in all removable drives. It drops an
AUTORUN.IN...

TROJ_ZBOT.QT

- TROJ_ZBOT.QT at Trend Micro

This Trojan arrives on the system as a file downloaded from a certain URL. It downloads a configuration file
from a remote site, which contains the list of banking-related Web sites which this Trojan will monitor. It
retrieves user account information from Web sites that are related to certain banking institutions. Gathered
information...

WORM_ONLINEG.AFU

- WORM_ONLINEG.AFU at Trend Micro

This worm may arrive via removable drives. It also propagates via removable drives. It drops an AUTORUN.INF
file to automatically execute dropped copies when the drives are accessed. It drops a file which is detected as
TSPY_OLGAME.MS. It also downloads .RAR archives, contents of which are extracted to the affected system and
detected...

TROJ_BANKER.EDN

- TROJ_BANKER.EDN at Trend Micro

...

VBS_PSYME.DJY

- VBS_PSYME.DJY at Trend Micro

This VBScript may be hosted on a Web site and run when a user accesses the said Web site. It takes advantage of
the ADODB.STREAM Object Exploit, which causes a certain file to be downloaded from the Internet. It connects to
a Web site to download a file. However, as of the time of this writing, the said Web site is currently
inaccessib...

TROJ_DROPPER.FV

- TROJ_DROPPER.FV at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting
malicious Web sites. Upon execution, it drops files. It also executes files. It stays memory resident in the
affected system and injects code. It creates registry entries to enable its automatic execution at every system
startup. It ope...

WORM_AUTORUN.CTO

- WORM_AUTORUN.CTO at Trend Micro

This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute
dropped copies when the drives are accessed. It accesses Web sites to download file(s). As a result, malicious
routines of the downloaded files are exhibited on the affected system. It bears the icon of files related to
certai...

MS08-061

- MS08-061 at Panda

It is a group of important vulnerabilities in Windows Kernel on Windows Server 2008/Vista/2003/XP/2000
computers, which allows hackers to gain local privilege escalation.
...

MS08-060

- MS08-060 at Panda

It is a critical vulnerability in the Windows Active Directory on Windows 2000 computers, which allows hackers
to gain remote control of the affected computer with the same privileges as the logged on user.
...

MS08-059

- MS08-059 at Panda

It is a critical vulnerability in the Host Integration Server RPC Service, which allows hackers to gain remote
control of the affected computer with the same privileges as the logged on user.
...

MS08-058

- MS08-058 at Panda

It is a group of vulnerabilities in Internet Explorer versions 5.01 and 6 SP1 in Windows 2000, 6 on Windows
2003/XP computers and 7 in Windows 2008/Vista/2003/XP, which allows hackers to gain remote control of the
affected computer with the same privileges as the logged on user and information to be disclosed.
...

MS08-057

- MS08-057 at Panda

It is a group of critical vulnerabilities in certain versions of Excel, which allows hackers to gain remote
control of the affected computer with the same privileges as the logged-on user.
...

Troj/Agent-HXW

- Troj/Agent-HXW at Sophos

...

Troj/Agent-HXX

- Troj/Agent-HXX at Sophos

...

Troj/RootKit-DY

- Troj/RootKit-DY at Sophos

...

Mal/Psyme-A

- Mal/Psyme-A at Sophos

Mal/Psyme-A is a malicious script that exploits an Internet Explorer vulnerability to download and
execute remote content.
...

Troj/Agent-HXV

- Troj/Agent-HXV at Sophos

...

Troj/PWS-AUK

- Troj/PWS-AUK at Sophos

...

Troj/PWS-AUL

- Troj/PWS-AUL at Sophos

...

W32/AutoRun-MB

- W32/AutoRun-MB at Sophos

...

Mal/EncPk-FP

- Mal/EncPk-FP at Sophos

Mal/EncPk-FP is a malicious packed executable file, often used by members of the Pushdo and Pushu
family of Trojans.
...

[10/17/2008 05:12]



Virus Malware and Threat News for 20081014



Rootkit:W32/Agent.UI

- Rootkit:W32/Agent.UI at F-Secure

A program or set of programs which hides itself by subverting or evading the computer's security mechanisms,
then allows remote users to secretly control the computer's operating system.
...

Backdoor:W32/Hupigon.OGA

- Backdoor:W32/Hupigon.OGA at F-Secure

A remote administration utility which bypasses normal security mechanisms to secretly control a program,
computer, or network.
...

W32.Chuzy

- W32.Chuzy at Norton Symantec

W32.Chuzy is a virus that infects executable files on the compromised computer.
...

Generic BackDoor!BE52F922

- Generic BackDoor!BE52F922 at McAfee

File Property | Property Value
FileName | nvtemp~1.exe
McAfee Detection | Generic BackDoor
Length | 309,642 bytes
CRC | BE52F922
MD5 | C5676C106DAF93EA70E0AF7B06BE2455
SHA1 | 7CE4475ACC97F18F4AE56266D8B62DDDEDA5252D

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | backdoor.agent.vhr
eSafe (Alladin) | Suspicious file
Kaspersky | Backdoor.Win32.Agent....

PWS-OnlineGames.a!F85013D0

- PWS-OnlineGames.a!F85013D0 at McAfee

File Property | Property Value
FileName | ha.exe
McAfee Detection | PWS-OnlineGames.a
Length | 145,578 bytes
CRC | F85013D0
MD5 | 4956E161414E365EF77C4D4A5E72B74D
SHA1 | 9C8DECBB8C46B33ECFFAA285C39478BD2411C151

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Monga [Trj]
AVG (GriSoft) | PSW.OnlineGames.2.AE
Avira | TR/ATRAPS.Gen
BitDefender | Packer.Malwa...

PWS-Mmorpg.gen!434319A8

- PWS-Mmorpg.gen!434319A8 at McAfee

File Property | Property Value
FileName | kavo.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 118,984 bytes
CRC | 434319A8
MD5 | 3AB64E696DDA47F1CB35902AD66478CB
SHA1 | 5E525E6A4C72F7CCDFA94C3841C5A8DBA8881574

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Rootkit-gen [Rtk]
Avira | HEUR/Crypted
BitDefender | Trojan.PWS.OnlineGames.ZZQ
eSafe (Alladin) | ...

PWS-OnlineGames.y.dr!067FF6DE

- PWS-OnlineGames.y.dr!067FF6DE at McAfee

File Property | Property Value
FileName | 100_28~1.exe
McAfee Detection | PWS-OnlineGames.y.dr
Length | 144,088 bytes
CRC | 067FF6DE
MD5 | 8C686198D4959A472CE3F933679BC658
SHA1 | 38A6B1E6A4647CB372F742D75E51EDD87CB57D4E

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Monga [Trj]
AVG (GriSoft) | PSW.OnlineGames.2.AE
Avira | TR/ATRAPS.Gen
BitDefender | Pac...

W32/Autorun.worm.g!45B3641B

- W32/Autorun.worm.g!45B3641B at McAfee

File Property | Property Value
FileName | aktpro~1.exe
McAfee Detection | W32/Autorun.worm.g
Length | 1,517,244 bytes
CRC | 45B3641B
MD5 | DB668D00742D597F400C9991B637BEDC
SHA1 | 30A8550B9F48B6FF910906364F72085C300DDB16

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Xema.variant
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | sheur.ciii
BitDef...

BackDoor-AWQ!8DFB6E6F

- BackDoor-AWQ!8DFB6E6F at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | BackDoor-AWQ
Length | 184,462 bytes
CRC | 8DFB6E6F
MD5 | 2EDD46A62356178AFF070F70DED73C9F
SHA1 | DF676EDEE076FA4C6D7589C73857727C0C64D449

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
AVG (GriSoft) | Win32/Heur
Avira | HEUR/Crypted
BitDefender | Trojan.Crypt.gq
Dr.Web | ...

Generic Dropper.p!AC8F8AB2

- Generic Dropper.p!AC8F8AB2 at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | Generic Dropper.p
Length | 184,644 bytes
CRC | AC8F8AB2
MD5 | 15FF3565303B3B2B15502596F08B0424
SHA1 | C4A2F5A6783E6BAEB83D77BC1BAF75B7BB07F33D

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
avast | Win32:Trojan-gen {Other}
Avira | TR/Thief.OnLineGames.tnqk
BitDefen...

Generic Dropper.p!A9C72DF4

- Generic Dropper.p!A9C72DF4 at McAfee

File Property | Property Value
FileName | 1_1_~1.exe
McAfee Detection | Generic Dropper.p
Length | 19,976 bytes
CRC | A9C72DF4
MD5 | 623BBA882843A6DAC3E7F6FBDE3F5D97
SHA1 | DF1AFA7E68DA39CBD51FD8FC6E9F5C1352A0BDA4

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
AVG (GriSoft) | Win32/PEMask
Avira | TR/Crypt.XPACK.Gen
BitDefender | Troj...

TROJ_RENOS.AMC

- TROJ_RENOS.AMC at Trend Micro

...

WORM_SYSTEM.AP

- WORM_SYSTEM.AP at Trend Micro

This worm may be dropped or downloaded from remote site(s) by other malware. It may also be downloaded
unknowingly by a user when visiting malicious Web site(s). This worm creates folders. It drops copies of itself.
It injects threads into normal processes. It creates registry entries to enable its automatic execution at
every system ...

BKDR_HAXDOOR.MU

- BKDR_HAXDOOR.MU at Trend Micro

...

TROJ_ROOTKIT.BI

- TROJ_ROOTKIT.BI at Trend Micro

This Trojan may be dropped by other malware. It may arrive bundled with malware packages as a malware
component. It creates registry entries to enable its automatic execution at every system startup. It is used by
other malware for its rootkit functionalities.
...

TROJ_RENOS.AOH

- TROJ_RENOS.AOH at Trend Micro

This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. It may
arrive bundled with malware packages as a malware component. It disables Security Center functions by modifying
certain registry entries. As a result, the affected system is vulnerable to more attacks. It accesses Web sites
to dow...

TROJ_PANDEX.HG

- TROJ_PANDEX.HG at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious
Web sites. It drops a file also detected as TROJ_PANDEX.HG. It attempts to login to certain mail servers. It
connects to certain URLs to download possibly malicious files. It also uploads files to a certain URL via HTTP
POST....

WORM_OTORUN.AJ

- WORM_OTORUN.AJ at Trend Micro

This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be
downloaded unknowingly by a user when visiting malicious Web sites. Upon execution, it creates folders. It
drops copies of itself. It also creates registry key(s)/entry(ies) as part of its installation routine. It
drops copies ...

Spammer.AJR

- Spammer.AJR at Panda

It is designed to distribute rogue antimalware programs in spam messages that contain malicious links. It
does not spread automatically by its own means.
...

Banbra.GBQ

- Banbra.GBQ at Panda

It steals confidential information related to certain Brazilian banking entities. It is being
distributed in an email message which contains a notification coming from the Brazilian Regional Electoral
Court....

Troj/Mdrop-BWH

- Troj/Mdrop-BWH at Sophos

...

Troj/PSW-FV

- Troj/PSW-FV at Sophos

Troj/PSW-FV is a Trojan for the Windows platform.
...

Troj/Agent-HXJ

- Troj/Agent-HXJ at Sophos

...

Troj/Bckdr-QPW

- Troj/Bckdr-QPW at Sophos

...

Troj/DwnLdr-HJH

- Troj/DwnLdr-HJH at Sophos

...

OF97/Crown-E

- OF97/Crown-E at Sophos

OF97/Crown-E is a corrupted version of the OF97/Crown family.
...

Troj/Agent-HXH

- Troj/Agent-HXH at Sophos

...

Troj/Agent-HXI

- Troj/Agent-HXI at Sophos

...

Troj/BHO-HI

- Troj/BHO-HI at Sophos

Troj/BHO-HI is a Trojan for the Windows platform. The Troj/BHO-HI is registered as a COM object and
Browser Helper Object (BHO) for Microsoft Internet Explorer, creating registry entries under:
HKCR\CLSID\{500BCA15-57A7-4eaf-8143-8C619470B13D}
HKCR\TypeLib...

[10/15/2008 04:56]



Virus Malware and Threat News for 20081013



Generic Dropper.p!EC44C9A3

- Generic Dropper.p!EC44C9A3 at McAfee

File Property | Property Value
FileName | fb6ed7.exe
McAfee Detection | Generic Dropper.p
Length | 1,513,696 bytes
CRC | EC44C9A3
MD5 | C7F8902E83BA5F9EE36F2A2826938D66
SHA1 | A47A3C3215312364085334BD9ED7C0D999DCDA4E

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | sheur.chyh
Avira | TR/Dropper.Gen
FortiNet | W32/VB.HOP!tr.dldr
F-Prot | W32/Nuj.A.gen!El...

Spy-Agent.bv.dldr!D24A9D45

- Spy-Agent.bv.dldr!D24A9D45 at McAfee

File Property | Property Value
FileName | pussy.exe
McAfee Detection | Spy-Agent.bv.dldr
Length | 28,672 bytes
CRC | D24A9D45
MD5 | 5A5DE6DBC7EBA6439CB4E0FB8E202D93
SHA1 | 9804826DF620991D58A2F52BBCC52520169A6AEC

Other Common Detection Aliases
Company Name | Detection Name
Dr.Web | BackDoor.Bulknet.237
Eset | a variant of Win32/Injector.DO
Kaspersky | Trojan-Dropper.Win32.Agen...

Spy-Agent.bw!D73ECED2

- Spy-Agent.bw!D73ECED2 at McAfee

File Property | Property Value
FileName | ups_le~1.exe
McAfee Detection | Spy-Agent.bw
Length | 36,864 bytes
CRC | D73ECED2
MD5 | F5C7B70CD7BF9C72F26F8BE081AC5B57
SHA1 | CA2690D563B753D0462FBB442B22E1AA59A962AC

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | agent.afuw warning: hidden extension .exe
Eset | unpack error
FortiNet | W32/Zlob.XQY!tr.dl...

Generic PWS.y!97084879

- Generic PWS.y!97084879 at McAfee

File Property | Property Value
FileName | file.exe
McAfee Detection | Generic PWS.y
Length | 31,232 bytes
CRC | 97084879
MD5 | 891CB27719B415545B3CB06B5BD47F77
SHA1 | A1C7CB4AA50EF971C392D1DD89AFA138852FF112

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-LVZ [Rtk]
AVG (GriSoft) | SHeur.CNEB (Trojan horse)
Avira | TR/Crypt.XDR.Gen
eSafe (Alladin...

Downloader-BKH!E5799EE1

- Downloader-BKH!E5799EE1 at McAfee

File Property | Property Value
FileName | porniv~1.exe
McAfee Detection | Downloader-BKH
Length | 87,040 bytes
CRC | E5799EE1
MD5 | 8C4FC8D38C350E4B968ECA1A5CC3F44E
SHA1 | B3A7B01E75CD55078DBB6C6DE325F5C85DD8046E

Other Common Detection Aliases
Company Name | Detection Name
Dr.Web | Trojan.DownLoad.4419
eSafe (Alladin) | Suspicious file
Eset | a variant of Win32/Kryptik.V
FortiN...

Generic.dx!AECE0144

- Generic.dx!AECE0144 at McAfee

File Property | Property Value
FileName | lphc78~1.exe
McAfee Detection | Generic.dx
Length | 187,392 bytes
CRC | AECE0144
MD5 | AF256EB3CF4DAA2DE04CB8AC3CC7786C
SHA1 | 4416FA11005BAC44A1DA9E767400ED46F368075E

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | SHeur.CODO (Trojan horse)
eSafe (Alladin) | Suspicious file
FortiNet | Suspicious
Kaspersky | Tr...

Generic Downloader.x!FBB9BEA5

- Generic Downloader.x!FBB9BEA5 at McAfee

File Property | Property Value
FileName | brastk.exe
McAfee Detection | Generic Downloader.x
Length | 9,728 bytes
CRC | FBB9BEA5
MD5 | BE87F629C6AE158BE68A2CF7A8EB3D67
SHA1 | D9807FB2D62820B2F050915A8F27E5CD9CC68CEF

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | sheur.cnxi
FortiNet | Suspicious
microsoft | trojandownloader:win32/renos
vba32 | OScope.D...

PWS-OnlineGames.cp!C7F45BE6

- PWS-OnlineGames.cp!C7F45BE6 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 122,880 bytes
CRC | C7F45BE6
MD5 | F8D95076B5A31C3F7AEB4C9DD6AA8476
SHA1 | DEB73DC1C1A4A55CB01E0CFF82F59939870A1D01

Other Common Detection Aliases
Company Name | Detection Name
microsoft | pws:win32/onlinegames.er

Avert® Labs has observed the following system activities:Ac...

Generic FakeAlert.a!507F029F

- Generic FakeAlert.a!507F029F at McAfee

File Property | Property Value
FileName | brastk.exe
McAfee Detection | Generic Downloader.x
Length | 10,240 bytes
CRC | 507F029F
MD5 | 9B0D4C566F8745D3CDA61CD17C55CC0C
SHA1 | 2CC635C2DD3A964F2A07F90A84CE9455BCB3379F

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Lighty
AVG (GriSoft) | dropper.small.ng
FortiNet | Suspicious
microsoft | trojandownloader:...

PWS-OnlineGames.cp!5A50E2CF

- PWS-OnlineGames.cp!5A50E2CF at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 122,368 bytes
CRC | 5A50E2CF
MD5 | 46FDBE0A54AB7DCADF5174E9ED56BE7A
SHA1 | 197BFB42F731C1502FA33C8A169419C2A502EC01

Other Common Detection Aliases
Company Name | Detection Name
microsoft | pws:win32/onlinegames.er

Avert® Labs has observed the following system activities:Ac...

Generic Downloader.x!2649E551

- Generic Downloader.x!2649E551 at McAfee

File Property | Property Value
FileName | update~1.exe
McAfee Detection | Generic Downloader.x
Length | 8,192 bytes
CRC | 2649E551
MD5 | 786C4C6C42188390D6B6F66A774262E9
SHA1 | E9DA5D3E0B3275341016FCDF3D3FB80622378F0B

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | sheur.cmrx
BitDefender | Trojan.Downloader.Agent.ZRH
Dr.Web | Trojan.DownLoad.4617
eS...

WORM_VOTERAI.N

- WORM_VOTERAI.N at Trend Micro

...

Troj/Agent-HXE

- Troj/Agent-HXE at Sophos

...

Troj/DwnLdr-HJE

- Troj/DwnLdr-HJE at Sophos

...

Troj/FakeAle-IH

- Troj/FakeAle-IH at Sophos

...

W32/AutoRun-LN

- W32/AutoRun-LN at Sophos

...

W32/AutoRun-LO

- W32/AutoRun-LO at Sophos

W32/AutoRun-LO is a worm for the Windows platform that spreads via removable drives.
When run W32/AutoRun-LO copies itself to <System>\regedit32.exe.
W32/AutoRun-LO installs itself as a service with the name "BackGround switch", a description of "BackGround
Switch Diskto...

Troj/Agent-HXD

- Troj/Agent-HXD at Sophos

...

Troj/Bckdr-QPV

- Troj/Bckdr-QPV at Sophos

...

Troj/DwnLdr-HJC

- Troj/DwnLdr-HJC at Sophos

...

Troj/FakeAle-IF

- Troj/FakeAle-IF at Sophos

...

Troj/FakeAle-IG

- Troj/FakeAle-IG at Sophos

...

[10/14/2008 04:54]



Virus Malware and Threat News for 20081012



PWS-OnlineGames.cp!9B24A739

- PWS-OnlineGames.cp!9B24A739 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 122,880 bytes
CRC | 9B24A739
MD5 | B4C8690881065B733FFD7945039544BB
SHA1 | 9F4C3E12E7EB1ADB9BD6D2B980CBCB89CE438178

Other Common Detection Aliases
Company Name | Detection Name
microsoft | pws:win32/onlinegames.er

Avert® Labs has observed the following system activities:Ac...

Troj/Agent-HWY

- Troj/Agent-HWY at Sophos

...

Troj/Rexplo-E

- Troj/Rexplo-E at Sophos

...

Troj/Dloadr-BVN

- Troj/Dloadr-BVN at Sophos

...

Troj/Dloadr-BVO

- Troj/Dloadr-BVO at Sophos

...

Troj/Mdrop-BWG

- Troj/Mdrop-BWG at Sophos

Troj/Mdrop-BWG drops the file <System>\<Random name>.dll which is detected as
Mal/Behav-228.
...

Troj/Crack-O

- Troj/Crack-O at Sophos

Troj/Crack-O is a crack tool which can be used to patch RegCure v1.5.0.0 (a legitimate commercial
application), in order to circumvent its license-protection mechanism.
...

Troj/Dwnldr-HIZ

- Troj/Dwnldr-HIZ at Sophos

When first run, Troj/Dwnldr-HIZ silently starts a copy of Internet Explorer, and injects malicious
code into this process. The hijacked Internet Explorer then attempts to download code
from the internet....

Troj/Keygen-CM

- Troj/Keygen-CM at Sophos

...

Troj/Mdrop-BWF

- Troj/Mdrop-BWF at Sophos

...

[10/13/2008 04:57]



Virus Malware and Threat News for 20081011



PWS-OnlineGames.cp!DA885024

- PWS-OnlineGames.cp!DA885024 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cp
Length | 128,512 bytes
CRC | DA885024
MD5 | 6934765949D221F2D958537A55AF606D
SHA1 | 0FE45B66231D385A0C1DC7B739850ECC1C1E30F2

Other Common Detection Aliases
Company Name | Detection Name
microsoft | pws:win32/onlinegames.er

Avert® Labs has observed the following system activities:Ac...

Troj/Bckdr-QPT

- Troj/Bckdr-QPT at Sophos

...

Troj/PWS-AUF

- Troj/PWS-AUF at Sophos

Troj/PWS-AUF is a password stealing Trojan for the Windows platform. When Troj/PWS-AUF is installed the
following files are created:
<Windows>\Help\<variable>.dll
<Windows>\Help\<variable>.exe
where <variable> is ...

Troj/Agent-HWU

- Troj/Agent-HWU at Sophos

Troj/Agent-HWU is a Trojan for the Windows platform. When first run Troj/Agent-HWU copies itself to
<System>\rs32net.exe. The following registry entry is created to run rs32net.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ...

Troj/Dwnldr-HIY

- Troj/Dwnldr-HIY at Sophos

Troj/Dwnldr-HIY attempts to download and run additional malware.
...

Troj/FakeAV-EP

- Troj/FakeAV-EP at Sophos

Troj/FakeAV-EP is a fraudulent application that poses as anti-virus software. Infections will
always be reported by Troj/FakeAV-EP even when none exist, and the user is asked to pay money to remove them.
Troj/FakeAV-EP cannot remove any genuine malware. When first run
Troj/Fak...

Troj/Gamania-CJ

- Troj/Gamania-CJ at Sophos

Troj/Gamania-CJ is a password stealing Trojan for the Windows platform. When Troj/Gamania-CJ is installed the
following files are created:
<Windows>\Debug\<VARIABLE>.DLL
<Windows>\Debug\<VARIABLE>.EXE
<Temp>\<variable>....

W32/AutoRun-LH

- W32/AutoRun-LH at Sophos

W32/AutoRun-LH is a worm for the Windows platform. When first run W32/AutoRun-LH copies itself to:
<Root>\rejoice46.exe
<System>\_rejoice46.exe
<System>\rejoice46.exe
and creates the following files: ...

W32/AutoRun-LI

- W32/AutoRun-LI at Sophos

W32/AutoRun-LI is a worm for the Windows platform. When W32/AutoRun-LI is installed the following files are
created:
<User>\Application Data\autorun.inf
The file autorun.inf is detected as W32/AutoRun-ER. W32/AutoRun-LI
chan...

[10/12/2008 04:57]



Virus Malware and Threat News for 20081010



W32/Autorun.worm.dx!FF19FFF3

- W32/Autorun.worm.dx!FF19FFF3 at McAfee

File Property | Property Value
FileName | xmss.exe
McAfee Detection | W32/Autorun.worm.dx
Length | 229,489 bytes
CRC | FF19FFF3
MD5 | 86145D1A1E0A735EA61A99968A1774E3
SHA1 | E3064D4D34A71066F87145D2D70E90004148A192

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | autoit.bl
Kaspersky | Worm.Win32.AutoRun.ek
norman | w32/sohanad.gen12
panda | W32/Autorun....

BackDoor-AWQ!AC8F8AB2

- BackDoor-AWQ!AC8F8AB2 at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | BackDoor-AWQ
Length | 184,644 bytes
CRC | AC8F8AB2
MD5 | 15FF3565303B3B2B15502596F08B0424
SHA1 | C4A2F5A6783E6BAEB83D77BC1BAF75B7BB07F33D

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
Avira | HEUR/Crypted
BitDefender | Trojan.Crypt.gq
Dr.Web | Trojan.Packed.152
eSafe ...

Downloader.gen.a!27417A04

- Downloader.gen.a!27417A04 at McAfee

File Property | Property Value
FileName | 3.exe
McAfee Detection | Downloader.gen.a
Length | 24,625 bytes
CRC | 27417A04
MD5 | 7902647332B67D28EDE0682831EED78C
SHA1 | 741311635B9905528438C018D386C051EB1FC869

Other Common Detection Aliases
Company Name | Detection Name
Avira | HEUR/Malware
BitDefender | Trojan.Crypt.gq
Dr.Web | Trojan.DownLoader.47705
Eset | Win32/TrojanDownloader....

BackDoor-CMQ!74BFEAB4

- BackDoor-CMQ!74BFEAB4 at McAfee

File Property | Property Value
FileName | etccx1~1.exe
McAfee Detection | New Malware.dq
Length | 26,031 bytes
CRC | 74BFEAB4
MD5 | 8EF0C61A76C1AA196D44966FC3E4B075
SHA1 | F77293748D00DDF4DDA75B50C9F9483A85EF49FE

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | flooder.deh
Kaspersky | Trojan-Proxy.Win32.Horst.xg
microsoft | trojandownloader:win32/pa...

Mal/Behav-134

- Mal/Behav-134 at Sophos

Mal/Behav-134 is a malware family for the Windows platform. Members of
Mal/Behav-134 attempt to terminate security related processes, may modify firewall settings, and typically
attempt to download and execute code from remote websites. Detection for members of
Mal/Behav-134 ...

Mal/Gampass-B

- Mal/Gampass-B at Sophos

...

Troj/Bdoor-AOS

- Troj/Bdoor-AOS at Sophos

...

Troj/Dloadr-BVJ

- Troj/Dloadr-BVJ at Sophos

...

Troj/Dloadr-BVK

- Troj/Dloadr-BVK at Sophos

...

Troj/Iframe-BD

- Troj/Iframe-BD at Sophos

Troj/Iframe-BD is a malicious script within a web page that downloads other malware.
...

Troj/Poison-AG

- Troj/Poison-AG at Sophos

...

Troj/Poison-AH

- Troj/Poison-AH at Sophos

...

Troj/Swizzor-OH

- Troj/Swizzor-OH at Sophos

...

Troj/Agent-HWT

- Troj/Agent-HWT at Sophos

...

[10/11/2008 04:53]



Virus Malware and Threat News for 20081009



Trojan-Downloader:W32/Tibs.VX

- Trojan-Downloader:W32/Tibs.VX at F-Secure

This malware downloads files into the system and executes them.
...

W32.Bluven

- W32.Bluven at Norton Symantec

W32.Bluven is a worm that infects all document files on the compromised computer and attempts to spread
through removable devices.
...

Packed.Generic.190

- Packed.Generic.190 at Norton Symantec

Packed.Generic.190 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

Packed.Generic.189

- Packed.Generic.189 at Norton Symantec

Packed.Generic.189 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

Generic PUP.x!240D3872

- Generic PUP.x!240D3872 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic Dropper!DDCD15B2

- Generic Dropper!DDCD15B2 at McAfee

File Property | Property Value
FileName | rs32ne~1.exe
McAfee Detection | Generic Dropper
Length | 22,528 bytes
CRC | DDCD15B2
MD5 | 509B600EF5786BC47EF58094FF174520
SHA1 | E112AC616B3F000CD322D191ED9FEC4D146C1C14

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | agent.adrh
Avira | TR/Dldr.Agent.RCF
BitDefender | Trojan.D...

Generic.dx!997C2851

- Generic.dx!997C2851 at McAfee

File Property | Property Value
FileName | msgplus.exe
McAfee Detection | Generic.dx
Length | 139,264 bytes
CRC | 997C2851
MD5 | 03604CEA65F3E1621E9B91FE0E3FF9B1
SHA1 | 26500D0C07DC6BB358ACE7C398F996A79931678F

Other Common Detection Aliases
Company Name | Detection Name
BitDefender | Application.Messenger.Plus.K
microsoft | program:win32/messengerplus

Avert® Labs has obse...

Generic Downloader.x!C07B9035

- Generic Downloader.x!C07B9035 at McAfee

File Property | Property Value
FileName | a.exe
McAfee Detection | Generic Downloader.x
Length | 60,932 bytes
CRC | C07B9035
MD5 | 172B923453AD3204830621B7E6A0E62E
SHA1 | FC2107FBCA5F58660DD1AC45019C824D820C1E74

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | sheur.cnik
Avira | TR/FraudPack.ajn
Dr.Web | Trojan.DownLoad....

Generic.dx!D8BB6C58

- Generic.dx!D8BB6C58 at McAfee

File Property | Property Value
FileName | video.exe
McAfee Detection | Generic.dx
Length | 60,932 bytes
CRC | D8BB6C58
MD5 | EB8212E30B2E4B2294579DB6FD55CB7B
SHA1 | 8B3009AB3041756495BD940E8F454B7D964CCC1D

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | sheur.cnik
Kaspersky | Trojan.Win32.FraudPack.ajn
Symantec | Downloader

Avert® Labs has observ...

Generic Downloader.x!2BCD48B7

- Generic Downloader.x!2BCD48B7 at McAfee

Avert® Labs has observed the following system activities:

Activity | Risk Level
Registers DLLs | Informational

System Changes

These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
%SystemDir% = \WINDOWS\SYSTEM (Windo...

FakeAlert-BD!091C722A

- FakeAlert-BD!091C722A at McAfee

File Property | Property Value
FileName | rep.exe
McAfee Detection | FakeAlert-BD
Length | 86,016 bytes
CRC | 091C722A
MD5 | A217CDB07AA1BC2DAD954DD2BD30F52C
SHA1 | C1613EEBEA3105BB9CC22787E89C7F58B45FF916

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:PureMorph
AVG (GriSoft) | generic11.anxr
Kaspersky | Trojan.Win32.Obfuscated.gx
norman | w32/busky.dgg...

Dialer-321!215E2443

- Dialer-321!215E2443 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

BackDoor-AWQ!B09A3D08

- BackDoor-AWQ!B09A3D08 at McAfee

File Property | Property Value
FileName | 9_1_~1.exe
McAfee Detection | BackDoor-AWQ
Length | 184,471 bytes
CRC | B09A3D08
MD5 | FABDC596B9853F230FBA1BEDA0F05B80
SHA1 | BB67CDFBE3DF4C1B4AF1E2D134FB350102459DA7

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
AVG (GriSoft) | Win32/Heur
Avira | HEUR/Crypted
BitDefender | Dropped:Trojan.A...

Generic Dropper.bi!D7DD63D0

- Generic Dropper.bi!D7DD63D0 at McAfee

File Property | Property Value
FileName | 5.exe
McAfee Detection | Generic Dropper.bi
Length | 12,972 bytes
CRC | D7DD63D0
MD5 | 0B309DF15DC3A7193398F27F2CA10469
SHA1 | 931654BA468580025AC0493FEF86177634064F24

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Rootkit-gen [Rtk]
Avira | TR/Crypt.XDR.Gen
eSafe (Alladin) | Suspicious File [104]
Eset | a varian...

Downloader-VD!1B30C3D7

- Downloader-VD!1B30C3D7 at McAfee

File Property | Property Value
FileName | b158~1.exe
McAfee Detection | Downloader-VD
Length | 213,504 bytes
CRC | 1B30C3D7
MD5 | 16793F10F81EFE75823FE4857A70E09A
SHA1 | F4A58BDCD75D8464FB6C5EBF9E104A224BBF15BC

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | dropper.agent.juf

Avert® Labs has observed the following system activities:
Activi...

Downloader-Fenomen.gen.a!6A6178EA

- Downloader-Fenomen.gen.a!6A6178EA at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Spy-Agent.ba!2D930DF3

- Spy-Agent.ba!2D930DF3 at McAfee

File Property | Property Value
FileName | host.exe
McAfee Detection | Spy-Agent.ba
Length | 135,896 bytes
CRC | 2D930DF3
MD5 | C49DBB4B3B113564BB22577A9CF40D83
SHA1 | 344F6ED7024B9C8F49787523A877C3202F0B18A9

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | psw.generic6.aabe
Avira | TR/Dropper.Gen
eSafe (Alladin) | Suspicious file
Eset | Win32/Spy.BZub.N...

Spy-Agent.ba.dldr!3A1AC02C

- Spy-Agent.ba.dldr!3A1AC02C at McAfee

File Property | Property Value
FileName | updatexo.exe
McAfee Detection | Spy-Agent.ba.dldr
Length | 20,992 bytes
CRC | 3A1AC02C
MD5 | 9F41D893A357F0EDA1F2E53136E722D4
SHA1 | 97F43DB764224A5F1D18625A8D9BAE1C1D2A741E

Other Common Detection Aliases
Company Name | Detection Name
Avira | Worm/Rbot.20992.4
Eset | Win32/TrojanDownloader.Nurech.NCM trojan
FortiNet | Suspicious
Kaspers...

Generic PWS.y!274CF2FD

- Generic PWS.y!274CF2FD at McAfee

File Property | Property Value
FileName | update.exe
McAfee Detection | Generic PWS.y
Length | 45,272 bytes
CRC | 274CF2FD
MD5 | 072E50BF5EC35DFD6CF45045B9193DC0
SHA1 | 9D5AD2DB48C3CFEF6A72D306CC1C9433D5C4B54F

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Bzub.45272
AVG (GriSoft) | Generic11.QQR
BitDefender | Trojan.KeyLogger.mso
Kaspersky | Troj...

Generic.dx!3C1E78BB

- Generic.dx!3C1E78BB at McAfee

File Property | Property Value
FileName | newfol~1.exe
McAfee Detection | Generic.dx
Length | 225,280 bytes
CRC | 3C1E78BB
MD5 | B446247DEEE674457B52044DB6F0FF44
SHA1 | 86B988D62A740B0E1E2FE05786F59902DD2021A3

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:VB-HJM [Wrm]
AVG (GriSoft) | Worm/VB.CXT
Avira | Worm/VB.CK.69
BitDefender | Backdoor.VB.BLP
clamav...

Generic Dropper.w!145DD4D5

- Generic Dropper.w!145DD4D5 at McAfee

File Property | Property Value
FileName | snapsnet.exe
McAfee Detection | Generic Dropper.w
Length | 112,348 bytes
CRC | 145DD4D5
MD5 | B1CB5A9BDE5246E74FEDAD30F937CD4D
SHA1 | 1552620AAAB2E2E68EFC17B1932D422C4F6BC086

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
Avira | DR/Dldr.VB.VPG.7
BitDefender | MemScan:Trojan.Downloader.JKZ...

Generic.dx!3D003025

- Generic.dx!3D003025 at McAfee

File Property | Property Value
FileName | xrg2.exe
McAfee Detection | Generic.dx
Length | 22,016 bytes
CRC | 3D003025
MD5 | 004CDACACE6A04A812EE0A416ED6C5D5
SHA1 | 60149168F149724300CB6B82FCDE871AE2D5E2E4

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-AppCare/Renos.19968.AF
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Downloader.Generic7.AVKJ
Eset...

Generic Downloader.x!59E912B4

- Generic Downloader.x!59E912B4 at McAfee

Avert® Labs has observed the following system activities:

Activity | Risk Level
Registers DLLs | Informational

System Changes

These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
%SystemDir% = \WINDOWS\SYSTEM (Windo...

Downloader-BJN.sys!14413516

- Downloader-BJN.sys!14413516 at McAfee

File Property | Property Value
FileName | ko.exe
McAfee Detection | Downloader-BJN.sys
Length | 21,580 bytes
CRC | 14413516
MD5 | 1A9DCFBC6D7328A30D2EBB6B91D32356
SHA1 | 0C9B608689F3FEF55E963B304895262391ED5432

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | Crypt.OV
Avira | TR/Dropper.Gen
BitDefender | Trojan.Generic.4...

Generic QHosts.a.gen!59951393

- Generic QHosts.a.gen!59951393 at McAfee

File Property | Property Value
FileName | alvkp.exe
McAfee Detection | Generic QHosts.a.gen
Length | 307,032 bytes
CRC | 59951393
MD5 | 624417187AE42CF22C6F2BD48FA2D101
SHA1 | 052F87F4FF10E1370005B07A1BD86604667BAAD0

Avert® Labs has observed the following system activities:

Activity | Risk Level
Uses shared memory of other processes | Low
Performs a shell execute of ...

Troj/Bancban-QZ

- Troj/Bancban-QZ at Sophos

...

Troj/FakeAle-IE

- Troj/FakeAle-IE at Sophos

...

Troj/Rootkit-DW

- Troj/Rootkit-DW at Sophos

...

Mal/FakeAV-I

- Mal/FakeAV-I at Sophos

...

Troj/Agent-HWJ

- Troj/Agent-HWJ at Sophos

...

Troj/Agent-HWK

- Troj/Agent-HWK at Sophos

...

Troj/Agent-HWL

- Troj/Agent-HWL at Sophos

Troj/Agent-HWL is a Trojan for the Windows platform. When first run,
Troj/Agent-HWL copies itself to <System>\qq.exe and creates the file <Root>\bot.txt.
The file QQ.exe is registered as a new system driver service named "windows XP", with a display name
of "windows...

Troj/Agent-HWM

- Troj/Agent-HWM at Sophos

...

Troj/Agent-HWN

- Troj/Agent-HWN at Sophos

...

0 writebacks [10/10/2008 04:53] [] permanent link



Virus Malware and Threat News for 20081008



Trojan-Spy:W32/Goldun.RR

- Trojan-Spy:W32/Goldun.RR at F-Secure

A type of trojan that includes a variety of spy programs and keyloggers.
...

Trojan-Downloader:W32/Agent.HSM

- Trojan-Downloader:W32/Agent.HSM at F-Secure

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the
files....

Generic Dropper!D045696B

- Generic Dropper!D045696B at McAfee

File Property | Property Value
FileName | services.exe
McAfee Detection | Generic Dropper
Length | 40,448 bytes
CRC | D045696B
MD5 | 6544B1853A5955367CA77307F9D55D31
SHA1 | C8B2CF2EDF0CB43D1C28AA30C0D069A301ADD044

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | generic11.aozd
Avira | Worm/Joleee.AP
Eset | a variant of W...

Adware-Cinmus.gen.a!A39C7525

- Adware-Cinmus.gen.a!A39C7525 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

BackDoor-AWQ!46C756AE

- BackDoor-AWQ!46C756AE at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | BackDoor-AWQ
Length | 184,480 bytes
CRC | 46C756AE
MD5 | 32CA3DF403DF444F39C9E25BCBF452E4
SHA1 | ACC043FF8FD3F80D5BB673C5D977D836E73B9E1E

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
AVG (GriSoft) | Win32/Heur
Avira | HEUR/Crypted
BitDefender | Dropped:Trojan.Agent....

BackDoor-AWQ!26FF8AE0

- BackDoor-AWQ!26FF8AE0 at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | BackDoor-AWQ
Length | 184,642 bytes
CRC | 26FF8AE0
MD5 | D6056467120F275E06EC09E6B9D7EF6A
SHA1 | 6E13BAA9FA48B60333077F8E952ED700EAB154FC

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
AVG (GriSoft) | Win32/Heur
Avira | HEUR/Crypted
BitDefender | GenPack:Trojan.Agent....

BackDoor-AWQ.b!8E2D1A17

- BackDoor-AWQ.b!8E2D1A17 at McAfee

File Property | Property Value
FileName | sever~1.exe
McAfee Detection | New Malware.hi
Length | 664,576 bytes
CRC | 8E2D1A17
MD5 | 0E721DD3F88DA9399BD6C202862A3867
SHA1 | C63132E3BBA37973EF685C50F638E771FE95E6D0

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Hupigon.664576.CC
avast | Win32:Hupigon-HVW [Trj]
AVG (GriSoft) | SHeur.KMV
Avira | BDS/B...

Generic PUP.z!0EF3955D

- Generic PUP.z!0EF3955D at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.x!03FD5EEF

- Generic PUP.x!03FD5EEF at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic Downloader.x!5FEF3242

- Generic Downloader.x!5FEF3242 at McAfee

File Property | Property Value
FileName | lopytquf.exe
McAfee Detection | Generic Downloader.x
Length | 14,848 bytes
CRC | 5FEF3242
MD5 | 7C52442C537E00A2284A97B8591E4D1E
SHA1 | 1B0DDAA81C76770F333241531AA3EBD793BCBE90

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | downloader.generic7.avjj
Avira | TR/Dldr.Delf.oxt
BitDefender | Dropped:Trojan.Down...

Generic PWS.y!E4AA2ACD

- Generic PWS.y!E4AA2ACD at McAfee

File Property | Property Value
FileName | 15.exe
McAfee Detection | Generic PWS.y
Length | 22,304 bytes
CRC | E4AA2ACD
MD5 | BC32176246841C50993AF51EB888C102
SHA1 | C024FA5E790A75F31A3ABB18C958D27522C490FA

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | PSW.OnlineGames.BAVI
Avira | TR/Spy.Gen
BitDefender | Trojan.PWS.On...

PWS-Mmorpg.gen!1CFA30A9

- PWS-Mmorpg.gen!1CFA30A9 at McAfee

File Property | Property Value
FileName | 28.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 8,008 bytes
CRC | 1CFA30A9
MD5 | 6C8C55A95063D9BFB4C4FBF5EB2920CA
SHA1 | 92C3EA14396D5FC8B639E84AB5DC350E28C7099E

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Spyware-gen [Trj]
Avira | TR/Dropper.Gen
BitDefender | Trojan.PWS.OnlineGames.ZYD
eSafe (Alladin) | Su...

PWS-OnlineGames.bp!87A4B20E

- PWS-OnlineGames.bp!87A4B20E at McAfee

File Property | Property Value
FileName | 12.exe
McAfee Detection | PWS-OnlineGames.bp
Length | 14,336 bytes
CRC | 87A4B20E
MD5 | EBE1F19A1EABEC513D7DC5E0234A7E08
SHA1 | BE18C957A2B90F1BD6E306574CEF135E58C9FCC5

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-ZRP [Trj]
AVG (GriSoft) | PSW.OnlineGames.BAKZ
Avira | TR/Dropper.Gen
BitDefender | Trojan....

PWS-OnlineGames.bp!A43C2393

- PWS-OnlineGames.bp!A43C2393 at McAfee

File Property | Property Value
FileName | 24.exe
McAfee Detection | PWS-OnlineGames.bp
Length | 11,776 bytes
CRC | A43C2393
MD5 | 9020F09E895F865F7AF28301EA36D1B8
SHA1 | 929A503A58DCA08B252CEB4B5B741F8D69CDAACF

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.C
avast | Win32:Agent-ZRP [Trj]
Avira | TR/Dropper.Gen
BitDefender | Trojan....

PWS-OnlineGames.x!3644437B

- PWS-OnlineGames.x!3644437B at McAfee

File Property | Property Value
FileName | 8.exe
McAfee Detection | PWS-OnlineGames.x
Length | 38,365 bytes
CRC | 3644437B
MD5 | EC13F7AAFB5CE35202DCDD5CB91B5107
SHA1 | 8AE4A0D2E2985422F56FFC94EBBC4B429DD7BF41

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Packer.2655
avast | Win32:Onlinegames-ALS [Trj]
AVG (GriSoft) | Generic11.AIOV
Avira | TR/Spy...

PWS-Mmorpg.gen!DE7B0844

- PWS-Mmorpg.gen!DE7B0844 at McAfee

File Property | Property Value
FileName | 30.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 22,036 bytes
CRC | DE7B0844
MD5 | 009250850C9A97ECE437CBDB87647CD8
SHA1 | 0A29C618BE5C0F1A8AF87E5D96308830BB3BEDCC

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | PSW.OnlineGames.BBMW
Avira | TR/Hijacker.Gen
BitDefender | Trojan....

PWS-OnlineGames.ce!BC0ECE34

- PWS-OnlineGames.ce!BC0ECE34 at McAfee

File Property | Property Value
FileName | 19.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,536 bytes
CRC | BC0ECE34
MD5 | 919376960226D5034DECDD79B42BAADF
SHA1 | F27D7BF46B2D9D2552F6C17493C98509776C9EB4

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:OnLineGames-EZN [Trj]
AVG (GriSoft) | PSW.Generic6.AEUVA...

PWS-OnlineGames.bp!91F3BFB5

- PWS-OnlineGames.bp!91F3BFB5 at McAfee

File Property | Property Value
FileName | 4.exe
McAfee Detection | PWS-OnlineGames.bp
Length | 15,872 bytes
CRC | 91F3BFB5
MD5 | CD54ADDEBD2EBFF1B837C81B1A81DEDB
SHA1 | 1E994B5E91DA52B92D9692DC4445F91E1AE21398

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.15872.GQ
avast | Win32:Agent-ZRP [Trj]
Avira | TR/PSW.Online.bin
BitDefend...

Generic BackDoor!4D412BCE

- Generic BackDoor!4D412BCE at McAfee

File Property | Property Value
FileName | 18.exe
McAfee Detection | Generic BackDoor
Length | 16,249 bytes
CRC | 4D412BCE
MD5 | 7A9C0CBF9B87187F411545B6628C4AC7
SHA1 | 4CA9B577DFDB0B5CD345AFBCA6480AA89A69F4AF

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
Avira | TR/Spy.Agent.nxa
BitDefender | Troj...

PWS-OnlineGames.ce!4C3B8DAD

- PWS-OnlineGames.ce!4C3B8DAD at McAfee

File Property | Property Value
FileName | 16.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,616 bytes
CRC | 4C3B8DAD
MD5 | 815A793235935FFC0E81A4846F189847
SHA1 | 7EEDC46A094F71729A9661A7956BFEA07CC1DB3D

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
Avira | TR/PSW.Lmir.UMN
BitDefender | Tro...

PWS-OnlineGames.ce!4B5ADA5F

- PWS-OnlineGames.ce!4B5ADA5F at McAfee

File Property | Property Value
FileName | 21.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,875 bytes
CRC | 4B5ADA5F
MD5 | 2FB6AEA3A1ED60AC04E6EA55DAB188E4
SHA1 | 672AD10B4FCEB956764B7BA50151DF35C335BAF5

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | PSW.Generic6.AFMZ (Trojan horse)
Avira | TR/Dropper.Gen
BitDefender | Trojan.PWS.Lmir.UMH
Es...

Generic BackDoor!6D9902D4

- Generic BackDoor!6D9902D4 at McAfee

File Property | Property Value
FileName | 32.exe
McAfee Detection | Generic BackDoor
Length | 17,205 bytes
CRC | 6D9902D4
MD5 | 6998265755457E046EAC86405A25FC9A
SHA1 | 3E6BA45D839E45D66A7174AC8479F3D878A2819F

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
Avira | TR/Spy.Agent.nxa
BitDefender | Troj...

PWS-OnlineGames.ce!B2FE018E

- PWS-OnlineGames.ce!B2FE018E at McAfee

File Property | Property Value
FileName | 13.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 15,794 bytes
CRC | B2FE018E
MD5 | 67A606CB579E840EB57E5C4FBD916D3E
SHA1 | 79C5F1013ED6D1C2F9017A5291C727F6900A9F35

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | PSW.Generic6.ADBU
Avir...

W32/Generic.worm!p2p!8AE731B9

- W32/Generic.worm!p2p!8AE731B9 at McAfee

File Property | Property Value
FileName | 26.exe
McAfee Detection | W32/Generic.worm!p2p
Length | 39,282 bytes
CRC | 8AE731B9
MD5 | 4C41ED8A5A17B4BF8A34C36D246E6DCF
SHA1 | D7B5C3294947E49329CE0D822DD67AD52D979F0D

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | generic11.ahxw
Avira | TR/Crypt.XPACK.Gen
clamav | PUA.Packe...

PWS-OnlineGames.ce!EEB3F1F0

- PWS-OnlineGames.ce!EEB3F1F0 at McAfee

File Property | Property Value
FileName | 10.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,272 bytes
CRC | EEB3F1F0
MD5 | 20824F8AE55CD53262296F86030F5141
SHA1 | C2FCB0D3BBDD9C6FD876B20A6775850118E394D5

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | PSW.Generic6.AGED (Trojan horse)
Avira | TR/Dropper.Gen
Bit...

PWS-QQGame!8721EC9D

- PWS-QQGame!8721EC9D at McAfee

File Property | Property Value
FileName | 29.exe
McAfee Detection | PWS-QQGame
Length | 31,863 bytes
CRC | 8721EC9D
MD5 | F06CBB09C8055F56EC2D76BA2B7282DE
SHA1 | F4EE437C6A1517FBB6EDDF544D1D5CB10BF1A961

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:OnLineGames-BSI [Trj]
AVG (GriSoft) | PSW.Delf.CCE (Trojan horse)
Avira | TR/ATRAPS.Gen
BitDefender | Gen...

PWS-Mmorpg.gen!C96FD86E

- PWS-Mmorpg.gen!C96FD86E at McAfee

File Property | Property Value
FileName | 0.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 19,201 bytes
CRC | C96FD86E
MD5 | 9A5F6C8752CDF79183BA49A5F5004C0A
SHA1 | 9B465C1017653420F39049A9569DEBEE004FFEFD

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | PSW.OnlineGames.BAOD
Avira | T...

Generic Downloader.x!3A55B54D

- Generic Downloader.x!3A55B54D at McAfee

File Property | Property Value
FileName | mediax~1.exe
McAfee Detection | Generic Downloader.x
Length | 14,848 bytes
CRC | 3A55B54D
MD5 | D1338497CB9C2F8C877D84E8BC512ECD
SHA1 | BA9000EDD8DB75F3CA1BFCBF11441AF110C57D4A

Other Common Detection Aliases
Company Name | Detection Name
microsoft | TrojanDownloader:Win32/Bofang.B
Symantec | Downloader

Avert® Labs has observed th...

Downloader-ARL!B0385E55

- Downloader-ARL!B0385E55 at McAfee

File Property | Property Value
FileName | video1~1.exe
McAfee Detection | Downloader-ARL
Length | 57,348 bytes
CRC | B0385E55
MD5 | 67820EE80943067EB83B8028DE557626
SHA1 | 7B95F47E4EB593B7BFE37946355155E87D3444B2

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | sheur.clpm
Avira | TR/FraudPack.aec
Dr.Web | Trojan.DownLoad...

Downloader-ARL!DF6EC94E

- Downloader-ARL!DF6EC94E at McAfee

File Property | Property Value
FileName | a.exe
McAfee Detection | Downloader-ARL
Length | 69,120 bytes
CRC | DF6EC94E
MD5 | 0E28FA4571389CC55E22045F3AF68E52
SHA1 | 5764282D72D7AA5375E50E81BB6A59683F8E6F82

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | SHeur.CLGH (Trojan horse)
Avira | HEUR/Crypted.E
eSafe (Alladin)...

Downloader-ARL!334999A2

- Downloader-ARL!334999A2 at McAfee

File Property | Property Value
FileName | ~exe~1.exe
McAfee Detection | Downloader-ARL
Length | 61,440 bytes
CRC | 334999A2
MD5 | C899F0D898B95A6ED1D49DAAD3E91D1D
SHA1 | 68F31F069153DBC97BF075BA16F7DEDEE942709A

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:PureMorph [Cryp]
FortiNet | W32/PolySmall.BP!tr
F-Prot | W32/FakeAlert.X.gen!Eldorado
Kaspersk...

Generic.dx!608B7D6C

- Generic.dx!608B7D6C at McAfee

File Property | Property Value
FileName | setup~1.exe
McAfee Detection | Generic.dx
Length | 4,645,368 bytes
CRC | 608B7D6C
MD5 | A0CF146CEC5A01C63FF21EA8BF5B930C
SHA1 | C6E7126F83F97550B51A7C0E2BF062A47DEEF676

Avert® Labs has observed the following system activities:

Activity | Risk Level
Enumerates open windows | Medium
Writes executable in the windows folder | Low
Per...

Lydra.AO

- Lydra.AO at Panda

It steals information from the affected user and computer, such as passwords, email addresses and IP address,
and then sends it to its author. It does not spread automatically by its own means.
...

Redvoz.A

- Redvoz.A at Panda

It is designed to connect to a remote server through which the computer can be remotely controlled
by an attacking user. It does not spread automatically by its own means.
...

Mal/GamePSW-D

- Mal/GamePSW-D at Sophos

...

Troj/Bckdr-QPQ

- Troj/Bckdr-QPQ at Sophos

...

Troj/Bckdr-QPR

- Troj/Bckdr-QPR at Sophos

...

Troj/Bckdr-QPS

- Troj/Bckdr-QPS at Sophos

...

Troj/Dloadr-BUT

- Troj/Dloadr-BUT at Sophos

...

Troj/Dloadr-BUU

- Troj/Dloadr-BUU at Sophos

...

Troj/Dloadr-BUV

- Troj/Dloadr-BUV at Sophos

...

Troj/Dloadr-BUW

- Troj/Dloadr-BUW at Sophos

...

Troj/Dloadr-BUX

- Troj/Dloadr-BUX at Sophos

...

Troj/Drop-AZ

- Troj/Drop-AZ at Sophos

Troj/Drop-AZ is a Trojan for the Windows platform. Troj/Drop-AZ includes
functionality to drop and run new malware. When Troj/Drop-AZ is installed, the following
file is created: %TempPath%\Oct2008.exe, which is detected as Troj/Dloadr-BUW
%Tem...

Trojan.Hexzone

- Trojan.Hexzone at Norton Symantec

Trojan.Hexzone is a Trojan horse that may download files on to the compromised computer. It may also display
advertisements in Internet Explorer.
...

Autorun.AHS

- Autorun.AHS at Panda

It modifies the Internet Explorer start page changing it to a website which may contain malicious links, from
which malware could be downloaded to the affected system. It spreads through the disk drive of the computer.
...

Troj/Dloadr-BVD

- Troj/Dloadr-BVD at Sophos

...

Troj/Dloadr-BVF

- Troj/Dloadr-BVF at Sophos

...

Troj/Iframe-BA

- Troj/Iframe-BA at Sophos

Troj/Iframe-BA is a malicious script within a web page that downloads other malware.
...

W32/Autorun-LD

- W32/Autorun-LD at Sophos

W32/Autorun-LD is a worm for the Windows platform. The worm spreads via
removable media devices. W32/Autorun-LD also can be controlled by a remote attacker over IRC channels.
When run, the worm copies itself to
<Root>\RESTORE\<S-numbers>\ROX....

Troj/Agent-HWC

- Troj/Agent-HWC at Sophos

...

Troj/Agent-HWD

- Troj/Agent-HWD at Sophos

...

Troj/Agent-HWE

- Troj/Agent-HWE at Sophos

...

Troj/Dloadr-BVB

- Troj/Dloadr-BVB at Sophos

...

Troj/Dloadr-BVC

- Troj/Dloadr-BVC at Sophos

...

Troj/FakeAle-ID

- Troj/FakeAle-ID at Sophos

...

0 writebacks [10/09/2008 04:54] [] permanent link



Virus Malware and Threat News for 20081007



Trojan-Spy:W32/Goldun.RR

- Trojan-Spy:W32/Goldun.RR at F-Secure

A type of trojan that includes a variety of spy programs and keyloggers.
...

Trojan-Downloader:W32/Agent.HSM

- Trojan-Downloader:W32/Agent.HSM at F-Secure

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the
files....

Generic Dropper!D045696B

- Generic Dropper!D045696B at McAfee

File Property | Property Value
FileName | services.exe
McAfee Detection | Generic Dropper
Length | 40,448 bytes
CRC | D045696B
MD5 | 6544B1853A5955367CA77307F9D55D31
SHA1 | C8B2CF2EDF0CB43D1C28AA30C0D069A301ADD044

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | generic11.aozd
Avira | Worm/Joleee.AP
Eset | a variant of W...

Adware-Cinmus.gen.a!A39C7525

- Adware-Cinmus.gen.a!A39C7525 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

BackDoor-AWQ!46C756AE

- BackDoor-AWQ!46C756AE at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | BackDoor-AWQ
Length | 184,480 bytes
CRC | 46C756AE
MD5 | 32CA3DF403DF444F39C9E25BCBF452E4
SHA1 | ACC043FF8FD3F80D5BB673C5D977D836E73B9E1E

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
AVG (GriSoft) | Win32/Heur
Avira | HEUR/Crypted
BitDefender | Dropped:Trojan.Agent....

BackDoor-AWQ!26FF8AE0

- BackDoor-AWQ!26FF8AE0 at McAfee

File Property | Property Value
FileName | 9.exe
McAfee Detection | BackDoor-AWQ
Length | 184,642 bytes
CRC | 26FF8AE0
MD5 | D6056467120F275E06EC09E6B9D7EF6A
SHA1 | 6E13BAA9FA48B60333077F8E952ED700EAB154FC

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
AVG (GriSoft) | Win32/Heur
Avira | HEUR/Crypted
BitDefender | GenPack:Trojan.Agent....

BackDoor-AWQ.b!8E2D1A17

- BackDoor-AWQ.b!8E2D1A17 at McAfee

File Property | Property Value
FileName | sever~1.exe
McAfee Detection | New Malware.hi
Length | 664,576 bytes
CRC | 8E2D1A17
MD5 | 0E721DD3F88DA9399BD6C202862A3867
SHA1 | C63132E3BBA37973EF685C50F638E771FE95E6D0

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Hupigon.664576.CC
avast | Win32:Hupigon-HVW [Trj]
AVG (GriSoft) | SHeur.KMV
Avira | BDS/B...

Generic PUP.z!0EF3955D

- Generic PUP.z!0EF3955D at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.x!03FD5EEF

- Generic PUP.x!03FD5EEF at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic Downloader.x!5FEF3242

- Generic Downloader.x!5FEF3242 at McAfee

File Property | Property Value
FileName | lopytquf.exe
McAfee Detection | Generic Downloader.x
Length | 14,848 bytes
CRC | 5FEF3242
MD5 | 7C52442C537E00A2284A97B8591E4D1E
SHA1 | 1B0DDAA81C76770F333241531AA3EBD793BCBE90

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | downloader.generic7.avjj
Avira | TR/Dldr.Delf.oxt
BitDefender | Dropped:Trojan.Down...

Generic PWS.y!E4AA2ACD

- Generic PWS.y!E4AA2ACD at McAfee

File Property | Property Value
FileName | 15.exe
McAfee Detection | Generic PWS.y
Length | 22,304 bytes
CRC | E4AA2ACD
MD5 | BC32176246841C50993AF51EB888C102
SHA1 | C024FA5E790A75F31A3ABB18C958D27522C490FA

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | PSW.OnlineGames.BAVI
Avira | TR/Spy.Gen
BitDefender | Trojan.PWS.On...

PWS-Mmorpg.gen!1CFA30A9

- PWS-Mmorpg.gen!1CFA30A9 at McAfee

File Property | Property Value
FileName | 28.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 8,008 bytes
CRC | 1CFA30A9
MD5 | 6C8C55A95063D9BFB4C4FBF5EB2920CA
SHA1 | 92C3EA14396D5FC8B639E84AB5DC350E28C7099E

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Spyware-gen [Trj]
Avira | TR/Dropper.Gen
BitDefender | Trojan.PWS.OnlineGames.ZYD
eSafe (Alladin) | Su...

PWS-OnlineGames.bp!87A4B20E

- PWS-OnlineGames.bp!87A4B20E at McAfee

File Property | Property Value
FileName | 12.exe
McAfee Detection | PWS-OnlineGames.bp
Length | 14,336 bytes
CRC | 87A4B20E
MD5 | EBE1F19A1EABEC513D7DC5E0234A7E08
SHA1 | BE18C957A2B90F1BD6E306574CEF135E58C9FCC5

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Agent-ZRP [Trj]
AVG (GriSoft) | PSW.OnlineGames.BAKZ
Avira | TR/Dropper.Gen
BitDefender | Trojan....

PWS-OnlineGames.bp!A43C2393

- PWS-OnlineGames.bp!A43C2393 at McAfee

File Property | Property Value
FileName | 24.exe
McAfee Detection | PWS-OnlineGames.bp
Length | 11,776 bytes
CRC | A43C2393
MD5 | 9020F09E895F865F7AF28301EA36D1B8
SHA1 | 929A503A58DCA08B252CEB4B5B741F8D69CDAACF

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.C
avast | Win32:Agent-ZRP [Trj]
Avira | TR/Dropper.Gen
BitDefender | Trojan....

PWS-OnlineGames.x!3644437B

- PWS-OnlineGames.x!3644437B at McAfee

File Property | Property Value
FileName | 8.exe
McAfee Detection | PWS-OnlineGames.x
Length | 38,365 bytes
CRC | 3644437B
MD5 | EC13F7AAFB5CE35202DCDD5CB91B5107
SHA1 | 8AE4A0D2E2985422F56FFC94EBBC4B429DD7BF41

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Packer.2655
avast | Win32:Onlinegames-ALS [Trj]
AVG (GriSoft) | Generic11.AIOV
Avira | TR/Spy...

PWS-Mmorpg.gen!DE7B0844

- PWS-Mmorpg.gen!DE7B0844 at McAfee

File Property | Property Value
FileName | 30.exe
McAfee Detection | PWS-Mmorpg.gen
Length | 22,036 bytes
CRC | DE7B0844
MD5 | 009250850C9A97ECE437CBDB87647CD8
SHA1 | 0A29C618BE5C0F1A8AF87E5D96308830BB3BEDCC

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | PSW.OnlineGames.BBMW
Avira | TR/Hijacker.Gen
BitDefender | Trojan....

PWS-OnlineGames.ce!BC0ECE34

- PWS-OnlineGames.ce!BC0ECE34 at McAfee

File Property | Property Value
FileName | 19.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,536 bytes
CRC | BC0ECE34
MD5 | 919376960226D5034DECDD79B42BAADF
SHA1 | F27D7BF46B2D9D2552F6C17493C98509776C9EB4

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:OnLineGames-EZN [Trj]
AVG (GriSoft) | PSW.Generic6.AEUVA...

PWS-OnlineGames.bp!91F3BFB5

- PWS-OnlineGames.bp!91F3BFB5 at McAfee

File Property | Property Value
FileName | 4.exe
McAfee Detection | PWS-OnlineGames.bp
Length | 15,872 bytes
CRC | 91F3BFB5
MD5 | CD54ADDEBD2EBFF1B837C81B1A81DEDB
SHA1 | 1E994B5E91DA52B92D9692DC4445F91E1AE21398

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.15872.GQ
avast | Win32:Agent-ZRP [Trj]
Avira | TR/PSW.Online.bin
BitDefend...

Generic BackDoor!4D412BCE

- Generic BackDoor!4D412BCE at McAfee

File Property | Property Value
FileName | 18.exe
McAfee Detection | Generic BackDoor
Length | 16,249 bytes
CRC | 4D412BCE
MD5 | 7A9C0CBF9B87187F411545B6628C4AC7
SHA1 | 4CA9B577DFDB0B5CD345AFBCA6480AA89A69F4AF

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
Avira | TR/Spy.Agent.nxa
BitDefender | Troj...

PWS-OnlineGames.ce!4C3B8DAD

- PWS-OnlineGames.ce!4C3B8DAD at McAfee

File Property | Property Value
FileName | 16.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,616 bytes
CRC | 4C3B8DAD
MD5 | 815A793235935FFC0E81A4846F189847
SHA1 | 7EEDC46A094F71729A9661A7956BFEA07CC1DB3D

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
Avira | TR/PSW.Lmir.UMN
BitDefender | Tro...

PWS-OnlineGames.ce!4B5ADA5F

- PWS-OnlineGames.ce!4B5ADA5F at McAfee

File Property | Property Value
FileName | 21.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 14,875 bytes
CRC | 4B5ADA5F
MD5 | 2FB6AEA3A1ED60AC04E6EA55DAB188E4
SHA1 | 672AD10B4FCEB956764B7BA50151DF35C335BAF5

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | PSW.Generic6.AFMZ (Trojan horse)
Avira | TR/Dropper.Gen
BitDefender | Trojan.PWS.Lmir.UMH
Es...

Generic BackDoor!6D9902D4

- Generic BackDoor!6D9902D4 at McAfee

File Property | Property Value
FileName | 32.exe
McAfee Detection | Generic BackDoor
Length | 17,205 bytes
CRC | 6D9902D4
MD5 | 6998265755457E046EAC86405A25FC9A
SHA1 | 3E6BA45D839E45D66A7174AC8479F3D878A2819F

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
Avira | TR/Spy.Agent.nxa
BitDefender | Troj...

PWS-OnlineGames.ce!B2FE018E

- PWS-OnlineGames.ce!B2FE018E at McAfee

File Property | Property Value
FileName | 13.exe
McAfee Detection | PWS-OnlineGames.ce
Length | 15,794 bytes
CRC | B2FE018E
MD5 | 67A606CB579E840EB57E5C4FBD916D3E
SHA1 | 79C5F1013ED6D1C2F9017A5291C727F6900A9F35

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/OnlineGameHack.B
avast | Win32:Trojan-gen {Other}
AVG (GriSoft) | PSW.Generic6.ADBU
Avir...

W32/Generic.worm!p2p!8AE731B9

- W32/Generic.worm!p2p!8AE731B9 at McAfee

File Property / Property Value: FileName: 26.exe; McAfee Detection: W32/Generic.worm!p2p; Length: 39,282 bytes; CRC: 8AE731B9
MD5: 4C41ED8A5A17B4BF8A34C36D246E6DCF; SHA1: D7B5C3294947E49329CE0D822DD67AD52D979F0D
Other Common Detection Aliases (Company Name / Detection Name): avast: Win32:Trojan-gen {Other}; AVG (GriSoft): generic11.ahxw; Avira: TR/Crypt.XPACK.Gen; clamav: PUA.Packe...

PWS-OnlineGames.ce!EEB3F1F0

- PWS-OnlineGames.ce!EEB3F1F0 at McAfee

File Property / Property Value: FileName: 10.exe; McAfee Detection: PWS-OnlineGames.ce; Length: 14,272 bytes; CRC: EEB3F1F0
MD5: 20824F8AE55CD53262296F86030F5141; SHA1: C2FCB0D3BBDD9C6FD876B20A6775850118E394D5
Other Common Detection Aliases (Company Name / Detection Name): avast: Win32:Trojan-gen {Other}; AVG (GriSoft): PSW.Generic6.AGED (Trojan horse); Avira: TR/Dropper.Gen; Bit...

PWS-QQGame!8721EC9D

- PWS-QQGame!8721EC9D at McAfee

File Property / Property Value: FileName: 29.exe; McAfee Detection: PWS-QQGame; Length: 31,863 bytes; CRC: 8721EC9D
MD5: F06CBB09C8055F56EC2D76BA2B7282DE; SHA1: F4EE437C6A1517FBB6EDDF544D1D5CB10BF1A961
Other Common Detection Aliases (Company Name / Detection Name): avast: Win32:OnLineGames-BSI [Trj]; AVG (GriSoft): PSW.Delf.CCE (Trojan horse); Avira: TR/ATRAPS.Gen; BitDefender: Gen...

PWS-Mmorpg.gen!C96FD86E

- PWS-Mmorpg.gen!C96FD86E at McAfee

File Property / Property Value: FileName: 0.exe; McAfee Detection: PWS-Mmorpg.gen; Length: 19,201 bytes; CRC: C96FD86E
MD5: 9A5F6C8752CDF79183BA49A5F5004C0A; SHA1: 9B465C1017653420F39049A9569DEBEE004FFEFD
Other Common Detection Aliases (Company Name / Detection Name): ahnlab: Win-Trojan/OnlineGameHack.B; avast: Win32:Trojan-gen {Other}; AVG (GriSoft): PSW.OnlineGames.BAOD; Avira: T...

Generic Downloader.x!3A55B54D

- Generic Downloader.x!3A55B54D at McAfee

File Property / Property Value: FileName: mediax~1.exe; McAfee Detection: Generic Downloader.x; Length: 14,848 bytes; CRC: 3A55B54D
MD5: D1338497CB9C2F8C877D84E8BC512ECD; SHA1: BA9000EDD8DB75F3CA1BFCBF11441AF110C57D4A
Other Common Detection Aliases (Company Name / Detection Name): microsoft: TrojanDownloader:Win32/Bofang.B; Symantec: Downloader
Avert® Labs has observed th...

Downloader-ARL!B0385E55

- Downloader-ARL!B0385E55 at McAfee

File Property / Property Value: FileName: video1~1.exe; McAfee Detection: Downloader-ARL; Length: 57,348 bytes; CRC: B0385E55
MD5: 67820EE80943067EB83B8028DE557626; SHA1: 7B95F47E4EB593B7BFE37946355155E87D3444B2
Other Common Detection Aliases (Company Name / Detection Name): avast: Win32:Trojan-gen {Other}; AVG (GriSoft): sheur.clpm; Avira: TR/FraudPack.aec; Dr.Web: Trojan.DownLoad...

Downloader-ARL!DF6EC94E

- Downloader-ARL!DF6EC94E at McAfee

File Property / Property Value: FileName: a.exe; McAfee Detection: Downloader-ARL; Length: 69,120 bytes; CRC: DF6EC94E
MD5: 0E28FA4571389CC55E22045F3AF68E52; SHA1: 5764282D72D7AA5375E50E81BB6A59683F8E6F82
Other Common Detection Aliases (Company Name / Detection Name): avast: Win32:Trojan-gen {Other}; AVG (GriSoft): SHeur.CLGH (Trojan horse); Avira: HEUR/Crypted.E; eSafe (Alladin)...

Downloader-ARL!334999A2

- Downloader-ARL!334999A2 at McAfee

File Property / Property Value: FileName: ~exe~1.exe; McAfee Detection: Downloader-ARL; Length: 61,440 bytes; CRC: 334999A2
MD5: C899F0D898B95A6ED1D49DAAD3E91D1D; SHA1: 68F31F069153DBC97BF075BA16F7DEDEE942709A
Other Common Detection Aliases (Company Name / Detection Name): avast: Win32:PureMorph [Cryp]; FortiNet: W32/PolySmall.BP!tr; F-Prot: W32/FakeAlert.X.gen!Eldorado; Kaspersk...

Generic.dx!608B7D6C

- Generic.dx!608B7D6C at McAfee

File Property / Property Value: FileName: setup~1.exe; McAfee Detection: Generic.dx; Length: 4,645,368 bytes; CRC: 608B7D6C
MD5: A0CF146CEC5A01C63FF21EA8BF5B930C; SHA1: C6E7126F83F97550B51A7C0E2BF062A47DEEF676
Avert® Labs has observed the following system activities (Activity / Risk Level): Enumerates open windows: Medium; Writes executable in the windows folder: Low; Per...

Lydra.AO

- Lydra.AO at Panda

It steals information from the affected user and computer, such as passwords, email addresses, IP address, and
then it is sent to its author. It does not spread automatically by its own means.
...

Redvoz.A

- Redvoz.A at Panda

It is designed to connect to a remote server through which the computer can be remotely controlled
by an attacking user. It does not spread automatically by its own means.
...

Mal/GamePSW-D

- Mal/GamePSW-D at Sophos

...

Troj/Bckdr-QPQ

- Troj/Bckdr-QPQ at Sophos

...

Troj/Bckdr-QPR

- Troj/Bckdr-QPR at Sophos

...

Troj/Bckdr-QPS

- Troj/Bckdr-QPS at Sophos

...

Troj/Dloadr-BUT

- Troj/Dloadr-BUT at Sophos

...

Troj/Dloadr-BUU

- Troj/Dloadr-BUU at Sophos

...

Troj/Dloadr-BUV

- Troj/Dloadr-BUV at Sophos

...

Troj/Dloadr-BUW

- Troj/Dloadr-BUW at Sophos

...

Troj/Dloadr-BUX

- Troj/Dloadr-BUX at Sophos

...

Troj/Drop-AZ

- Troj/Drop-AZ at Sophos

Troj/Drop-AZ is a Trojan for the Windows platform. Troj/Drop-AZ includes
functionality to drop and run new malware. When Troj/Drop-AZ is installed the following
file is created: %TempPath%\Oct2008.exe, which is detected as Troj/Dloadr-BUW
%Tem...

0 writebacks [10/08/2008 08:14] [] permanent link



Virus Malware and Threat News for 20081006



Trojan-Dropper:W32/Hoaxer.B

- Trojan-Dropper:W32/Hoaxer.B at F-Secure

This type of trojan contains one or more malicious files, which it will secretly install on the system.
...

Downloader.Misapp!zip

- Downloader.Misapp!zip at Norton Symantec

Downloader.Misapp!zip is a detection for password-protected .zip files, which may arrive as an attachment to a
spammed email....

W32.Poskiwing

- W32.Poskiwing at Norton Symantec

W32.Poskiwing is a worm that spreads by copying itself to removable and network drives. It also infects
certain files and may open a back door on the compromised computer.
...

BackDoor-AWQ!532C3803

- BackDoor-AWQ!532C3803 at McAfee

File Property / Property Value: FileName: 9.exe; McAfee Detection: BackDoor-AWQ; Length: 184,396 bytes; CRC: 532C3803
MD5: E23A44BB59A86ADC184360AEF29B52B5; SHA1: CDF65676B8F02480351E1A696BE4D701677004B8
Other Common Detection Aliases (Company Name / Detection Name): ahnlab: Win-Trojan/MalPacked.Gen; AVG (GriSoft): Win32/Heur; Avira: HEUR/Crypted; BitDefender: GenPack:Trojan.Agent....

Generic FakeAlert.b!72416103

- Generic FakeAlert.b!72416103 at McAfee

File Property / Property Value: FileName: msx.exe; McAfee Detection: Generic FakeAlert.b; Length: 412,160 bytes; CRC: 72416103
MD5: CC0DF062CB5A99845AB44A162AFA98DE; SHA1: D08F3CCE19F1C7A1AC6FCF00D8B2AD211AAE6A60
Other Common Detection Aliases (Company Name / Detection Name): avast: Win32:Adware-gen [Adw]; AVG (GriSoft): SHeur.CLLJ; Avira: PHISH/Fraud.MSAntivirus.AT; Eset: Win32/Ad...

Generic Dropper!B79B5C47

- Generic Dropper!B79B5C47 at McAfee

File Property / Property Value: FileName: fceu.exe; McAfee Detection: Generic Dropper; Length: 629,760 bytes; CRC: B79B5C47
MD5: 639BECD302D67AECC0B93FD9E1DF3F88; SHA1: 5FACB98B315465FCD34CBC925E656EE555F4694B
Other Common Detection Aliases (Company Name / Detection Name): Avira: TR/Drop.Agent.dmj.1; clamav: Trojan.Dropper-6687; EMSI Software: Trojan-Dropper.Win32.Agent.dmj; F-Pr...

PWS-OnlineGames.cn!CD043657

- PWS-OnlineGames.cn!CD043657 at McAfee

File Property / Property Value: FileName: zz.exe; McAfee Detection: PWS-OnlineGames.cn; Length: 128,000 bytes; CRC: CD043657
MD5: 4570B050D21CDE903B7297E9CED62D18; SHA1: B47A0E6EA0E7340E21D58E8A3C589A981EB71EF5
Other Common Detection Aliases (Company Name / Detection Name): microsoft: pws:win32/onlinegames.er
Avert® Labs has observed the following system activities: Ac...

Troj/Agent-HVS

- Troj/Agent-HVS at Sophos

...

Troj/Agent-HVT

- Troj/Agent-HVT at Sophos

...

Troj/Dropr-AI

- Troj/Dropr-AI at Sophos

...

W32/Autorun-LB

- W32/Autorun-LB at Sophos

...

Mal/PHPInfo-A

- Mal/PHPInfo-A at Sophos

Mal/PHPInfo-A is a PHP script that provides information about the server on which it is hosted.
Mal/PHPInfo-A is usually seen on hacked websites.
...

Troj/Dloadr-BUO

- Troj/Dloadr-BUO at Sophos

Troj/Dloadr-BUO is a downloader Trojan for the Windows platform. When
first run Troj/Dloadr-BUO moves itself to <System>\userinit.exe, replacing the Microsoft system file
which it copies to <System>\stus.exe.
...

Troj/Dloadr-BUP

- Troj/Dloadr-BUP at Sophos

Troj/Dloadr-BUP is a downloader Trojan for the Windows platform. When first
run Troj/Dloadr-BUP copies itself to <Windows>\updater.com with the hidden, system and read-only
attributes set and creates the following registry entries to run updater.com on startup:
HKLM\SOFT...

Troj/Mdrop-BWC

- Troj/Mdrop-BWC at Sophos

Troj/Mdrop-BWC drops the file <Windows>\Debug\<Random Number>.dll which is detected as
Mal/Emogen-N. Troj/Mdrop-BWC disables security applications by creating the following
registry value for each <Executable Name> it disables: HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentV...

Troj/Zlob-AOX

- Troj/Zlob-AOX at Sophos

Troj/Zlob-AOX is a downloader Trojan for the Windows platform. The
installer for Troj/Zlob-AOX drops a randomly named DLL to the System folder and registers this DLL as a COM
object and Browser Helper Object (BHO) for Microsoft Internet Explorer, creating registry entries under:
...

W32/Dugert-A

- W32/Dugert-A at Sophos

W32/Dugert-A is a virus for the Windows platform, not including Windows 95, 95, ME or earlier. W32/Dugert-A
infects executable files with an extension of EXE located on drives C: - Z:. W32/Dugert-A tries to avoid
infecting system executables. The virus creates temporary files in the current folder named
<random1>.<random2> w...

0 writebacks [10/07/2008 04:44] [] permanent link



Virus Malware and Threat News for 20081005



PWS-OnlineGames.cn!78A261DB

- PWS-OnlineGames.cn!78A261DB at McAfee

File Property / Property Value: FileName: zz.exe; McAfee Detection: PWS-OnlineGames.cn; Length: 126,976 bytes; CRC: 78A261DB
MD5: 1DCBB2F74C1963F4669DD766FFE64971; SHA1: 492B000C61AD3C91559F2AC2C08DC7E38BB75F69
Other Common Detection Aliases (Company Name / Detection Name): microsoft: pws:win32/onlinegames.er
Avert® Labs has observed the following system activities: Ac...

Adware-BrowsingHancer.dldr!99A9146E

- Adware-BrowsingHancer.dldr!99A9146E at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Troj/Agent-HVK

- Troj/Agent-HVK at Sophos

...

Troj/Dloadr-BUM

- Troj/Dloadr-BUM at Sophos

...

Troj/Dloadr-BUN

- Troj/Dloadr-BUN at Sophos

...

Troj/Agent-HVI

- Troj/Agent-HVI at Sophos

...

Troj/Agent-HVJ

- Troj/Agent-HVJ at Sophos

...

Troj/Bckdr-QPN

- Troj/Bckdr-QPN at Sophos

...

Troj/Bdoor-AOJ

- Troj/Bdoor-AOJ at Sophos

...

Troj/Delf-FBF

- Troj/Delf-FBF at Sophos

...

Troj/DwnLdr-HIQ

- Troj/DwnLdr-HIQ at Sophos

...

Troj/PsymeZ-Fam

- Troj/PsymeZ-Fam at Sophos

...

0 writebacks [10/06/2008 04:46] [] permanent link



Virus Malware and Threat News for 20081004



PWS-OnlineGames.cn!8DC62DF1

- PWS-OnlineGames.cn!8DC62DF1 at McAfee

File Property / Property Value: FileName: zz.exe; McAfee Detection: PWS-OnlineGames.cn; Length: 128,000 bytes; CRC: 8DC62DF1
MD5: 3B3311B00458BC47C02B3563C43AA847; SHA1: 85B92C596380A1CEA664A64A719AA6444AA980BD
Other Common Detection Aliases (Company Name / Detection Name): microsoft: pws:win32/onlinegames.er
Avert® Labs has observed the following system activities: Ac...

Troj/DelpDldr-C

- Troj/DelpDldr-C at Sophos

Troj/DelpDldr-C is a Trojan for the Windows platform. Troj/DelpDldr-C
includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/DelpDldr-C copies itself to <System>\rs32net.exe. The
following r...

Troj/Rbot-GXC

- Troj/Rbot-GXC at Sophos

...

Troj/PhpShell-Q

- Troj/PhpShell-Q at Sophos

...

W32/Kolabc-D

- W32/Kolabc-D at Sophos

...

Mal/FakeAV-J

- Mal/FakeAV-J at Sophos

...

Troj/FakeVir-GC

- Troj/FakeVir-GC at Sophos

...

Troj/IFrame-AZ

- Troj/IFrame-AZ at Sophos

...

Troj/SnpveSVC-B

- Troj/SnpveSVC-B at Sophos

...

Troj/SnpveSVC-C

- Troj/SnpveSVC-C at Sophos

...

0 writebacks [10/05/2008 04:44] [] permanent link



Virus Malware and Threat News for 20081003



W32.Imalag.A

- W32.Imalag.A at Norton Symantec

W32.Imalag.A is a virus that spreads by infecting executable files. It also attempts to download data from
some predefined Web sites.
...

EKerberos

- EKerberos at Norton Symantec

Behavior: EKerberos is a misleading application that may give exaggerated reports of threats on the computer.
...

Generic PUP.z!3E808DE3

- Generic PUP.z!3E808DE3 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.z!291410B2

- Generic PUP.z!291410B2 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

W32/Yosheetsune

- W32/Yosheetsune at McAfee

W32/Yosheetsune virus is a worm, which attempts to propagate itself via network share. Upon execution, it
copies itself to the following folders:
%USER_PROFILE%\Application Data\csrss.exe
%USER_PROFILE%\Local Settings\carbon.exe
%USER_PROFILE%\Start Menu\Programs\Startup\Microsoft Startup Controller.exe
%WinDir%\db4d\lsass.exe
%WinDir%...

Generic.dx!62DC0236

- Generic.dx!62DC0236 at McAfee

File Property / Property Value: FileName: thiscard.exe; McAfee Detection: Generic.dx; Length: 307,902 bytes; CRC: 62DC0236
MD5: 352B4732993D1009223D1BF121F30B02; SHA1: B68E0DFF85BE44581046A189E668E5C05E8BDF03
Other Common Detection Aliases (Company Name / Detection Name): AVG (GriSoft): PSW.OnlineGames.2.AE; Avira: TR/Crypt.XPACK.Gen; F-Prot: ~W32/Onlinegames.gen; microsoft: Trojan...

Adware-TryMedia!2ED8567C

- Adware-TryMedia!2ED8567C at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic Downloader.x!5262731B

- Generic Downloader.x!5262731B at McAfee

...

Generic PUP.x!DB386E3E

- Generic PUP.x!DB386E3E at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.x!CCAAD986

- Generic PUP.x!CCAAD986 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.x!8C416C8F

- Generic PUP.x!8C416C8F at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic Adware.dr!728C24ED

- Generic Adware.dr!728C24ED at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

PWS-OnlineGames.y.dr!3AC1B55D

- PWS-OnlineGames.y.dr!3AC1B55D at McAfee

File Property / Property Value: FileName: sample.exe; McAfee Detection: PWS-OnlineGames.y.dr; Length: 146,773 bytes; CRC: 3AC1B55D
MD5: 533C354FD6B427D634E911B94C0B7192; SHA1: 6F314E170DDAF18E8ED97B94790B1A0CD8CA4027
Other Common Detection Aliases (Company Name / Detection Name): AVG (GriSoft): PSW.OnlineGames.2.AE; Avira: TR/Crypt.XPACK.Gen; eSafe (Alladin): Suspicious File [1...

NetSniff!F63264E5

- NetSniff!F63264E5 at McAfee

File Property / Property Value: FileName: 9.exe; McAfee Detection: BackDoor-AWQ; Length: 184,238 bytes; CRC: F63264E5
MD5: 6D862EA6DBF2E92DA57444DD7CE1BE40; SHA1: BA6E7AB6BFF9569D6D9E163F2E480267A28A4EE4
Other Common Detection Aliases (Company Name / Detection Name): ahnlab: Win-Trojan/MalPacked.Gen; Avira: HEUR/Crypted; BitDefender: GenPack:Trojan.Agent.AJTE; Dr.Web: Trojan.Packed...

Generic PUP.x!9A46D1DF

- Generic PUP.x!9A46D1DF at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic.dx!092A69AD

- Generic.dx!092A69AD at McAfee

File Property / Property Value: FileName: sample.exe; McAfee Detection: Generic.dx; Length: 193,536 bytes; CRC: 092A69AD
MD5: 91C4E9D09F0C52D287B855598C10D3C2; SHA1: D527402B464720C27162F277A320144A87EC8CC3
Other Common Detection Aliases (Company Name / Detection Name): AVG (GriSoft): Win32/NSAnti; Avira: TR/Crypt.XPACK.Gen; BitDefender: Trojan.Crypt.Delf.AF; eSafe (Alladin): Suspi...

AdClicker-BJ!5F3EEE34

- AdClicker-BJ!5F3EEE34 at McAfee

Avert® Labs has observed the following system activities (Activity / Risk Level): Registers DLLs: Informational
System Changes: These are general defaults for typical path variables. (Although they may differ, these
examples are common.): %WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000);
%SystemDir% = \WINDOWS\SYSTEM (Windo...

Adware-Fastlook!A2E29364

- Adware-Fastlook!A2E29364 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Adware-Fastlook!39E39576

- Adware-Fastlook!39E39576 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Adware-Cinmus!A39C7525

- Adware-Cinmus!A39C7525 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

BackDoor-AWQ!F63264E5

- BackDoor-AWQ!F63264E5 at McAfee

File Property / Property Value: FileName: 9.exe; McAfee Detection: BackDoor-AWQ; Length: 184,238 bytes; CRC: F63264E5
MD5: 6D862EA6DBF2E92DA57444DD7CE1BE40; SHA1: BA6E7AB6BFF9569D6D9E163F2E480267A28A4EE4
Other Common Detection Aliases (Company Name / Detection Name): ahnlab: Win-Trojan/MalPacked.Gen; AVG (GriSoft): Win32/Heur; Avira: HEUR/Crypted; BitDefender: GenPack:Trojan.Agent....

Generic MultiDropper.d!5C2C9FFD

- Generic MultiDropper.d!5C2C9FFD at McAfee

File Property / Property Value: FileName: 10.exe; McAfee Detection: Generic MultiDropper.d; Length: 319,648 bytes; CRC: 5C2C9FFD
MD5: 0CF60F6B9A43CF621F540D26128CDFAB; SHA1: 7ADDE0EEF846895A5FF008F8844716E7EC2F4037
Other Common Detection Aliases (Company Name / Detection Name): Avira: DR/Agent.abpb.1; BitDefender: Adware.Toolbar.Bho.K; clamav: Trojan.Agent-46632; Dr.Web: Adware.Bai...

Adware-Cinmus!FDE974A3

- Adware-Cinmus!FDE974A3 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic BackDoor.ah!01D308EB

- Generic BackDoor.ah!01D308EB at McAfee

File Property / Property Value: FileName: 32599773.exe; McAfee Detection: Generic BackDoor.ah; Length: 24,576 bytes; CRC: 01D308EB
MD5: 61003630C1F6951ADD36EABC03C8A39C; SHA1: 5049A92E287556FF828B3B5D6540B8FDB33797AA
Other Common Detection Aliases (Company Name / Detection Name): Avira: TR/Downloader.Gen; BitDefender: Dropped:Generic.Malware.Fdldprn.417CDDFF; Eset: ~a variant o...

Generic PUP.a!A08AB365

- Generic PUP.a!A08AB365 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic.dx!406396B7

- Generic.dx!406396B7 at McAfee

File Property / Property Value: FileName: sample.exe; McAfee Detection: Generic.dx; Length: 188,416 bytes; CRC: 406396B7
MD5: 8DFC2D55F84CD9733C3825D1EFCF6587; SHA1: 51E2266AE79C0F6D8003A52EB085B4E3BD03F1A8
Other Common Detection Aliases (Company Name / Detection Name): AVG (GriSoft): Win32/NSAnti; Avira: TR/Crypt.XPACK.Gen; BitDefender: Trojan.Crypt.Delf.AF; eSafe (Alladin): Suspi...

WORM_AUTORUN.EPZ

- WORM_AUTORUN.EPZ at Trend Micro

This worm arrives as attachment to email messages spammed by another malware or a malicious user. It may be
downloaded from remote sites by other malware. It may be downloaded unknowingly by a user when visiting
malicious Web site(s). It drops copies of itself in all removable drives. It drops an AUTORUN.INF file to
automatically execu...

Mal/Delf-O

- Mal/Delf-O at Sophos

...

Troj/Agent-HVE

- Troj/Agent-HVE at Sophos

Troj/Agent-HVE is a Trojan for the Windows platform. When first run
Troj/Agent-HVE copies itself to <Temp>\_A00F18279.exe and creates the file <System>\__c0079EA1.dat.
The following registry entries are created to run code exported by __c0079EA1.dat on
startup: ...

Troj/Bckdr-QPM

- Troj/Bckdr-QPM at Sophos

...

Troj/Dload-DS

- Troj/Dload-DS at Sophos

...

Troj/FakeAV-EI

- Troj/FakeAV-EI at Sophos

Troj/FakeAV-EI is a Trojan for the Windows platform. Troj/FakeAV-EI
includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/FakeAV-EI is installed it creates the file <Current Folder>\%ORIGFILENAME%.
T...

Troj/FakeAV-EJ

- Troj/FakeAV-EJ at Sophos

Troj/FakeAV-EJ is a Trojan for the Windows platform. Troj/FakeAV-EJ
includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/FakeAV-EJ copies itself to <Program Files>\Smart Antivirus 2009\Smart
Antivirus-2009.exe a...

Troj/PcClien-MI

- Troj/PcClien-MI at Sophos

...

Troj/Rootkit-DU

- Troj/Rootkit-DU at Sophos

Troj/Rootkit-DU is a Trojan for the Windows platform. Troj/Rootkit-DU
contains stealth functionality to hide its files, processes, and registry entries. The
Trojan may install itself as a service called "TDSSserv". Registry entries are set under:
HKLM\SY...

Troj/Zlob-AOW

- Troj/Zlob-AOW at Sophos

...

0 writebacks [10/04/2008 04:44] [] permanent link



Virus Malware and Threat News for 20081002



Generic PUP.x!429D8C03

- Generic PUP.x!429D8C03 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

PWS-OnlineGames.cn!861CB6E9

- PWS-OnlineGames.cn!861CB6E9 at McAfee

File Property / Property Value: FileName: zz.exe; McAfee Detection: PWS-OnlineGames.cn; Length: 126,976 bytes; CRC: 861CB6E9
MD5: 224E4EF234C2DF936F26E1B21CDEE9DA; SHA1: A85B87A8636D1832D56995DA64BF799ADD515B3B
Other Common Detection Aliases (Company Name / Detection Name): Avira: TR/Crypt.XPACK.Gen; eSafe (Alladin): Suspicious File [100]; F-Prot: ~W32/Vaklik.gen; microsoft: PWS:Wi...

W32/Checkout!CBA94B29

- W32/Checkout!CBA94B29 at McAfee

File Property / Property Value: FileName: postcard.exe; McAfee Detection: W32/Checkout; Length: 85,504 bytes; CRC: CBA94B29
MD5: A36E3A1CDE6D78FCBB210A22E516EF2A; SHA1: BD990D6B333DCB255098C84CB04920617B3EBC90
Other Common Detection Aliases (Company Name / Detection Name): microsoft: worm:win32/pushbot.gen; norman: sandbox:w32/malware; Symantec: IRC Trojan
Avert® Labs has obser...

Generic.dx!63E0D31C

- Generic.dx!63E0D31C at McAfee

File Property / Property Value: FileName: 100_13~1.exe; McAfee Detection: Generic.dx; Length: 187,392 bytes; CRC: 63E0D31C
MD5: 176EF319FC90EF601F6900DA99F0DCD9; SHA1: F7A190E91DCC0980094FF4CFD0BDD0B8406F062C
Other Common Detection Aliases (Company Name / Detection Name): AVG (GriSoft): Win32/NSAnti; Avira: TR/Crypt.XPACK.Gen; BitDefender: Trojan.Crypt.Delf.AF; eSafe (Alladin): Sus...

PWS-OnlineGames.cn!937C5A3F

- PWS-OnlineGames.cn!937C5A3F at McAfee

File Property / Property Value: FileName: zz.exe; McAfee Detection: PWS-OnlineGames.cn; Length: 128,000 bytes; CRC: 937C5A3F
MD5: 7A3C385F6D4CF8A6963BEF962D055580; SHA1: 5D090D00E7239568C254A62B217EA2EA9AC4648E
Other Common Detection Aliases (Company Name / Detection Name): microsoft: pws:win32/onlinegames.er
Avert® Labs has observed the following system activities: Ac...

TROJ_SMALL.MEZ

- TROJ_SMALL.MEZ at Trend Micro

This Trojan arrives as attachment to email messages spammed by another malware or a malicious user. A sample
screenshot is given below: Trend Micro detects the password-protected ZIP file as TROJ_SMALL.ZIP. Users are
then able to extract the Trojan using the provided password. Upon execution, it starts the service McShield. It
then sta...

TROJ_PAKES.AXQ

- TROJ_PAKES.AXQ at Trend Micro

...

TROJ_PIDIEF.AR

- TROJ_PIDIEF.AR at Trend Micro

...

PE_PATCHED.EC

- PE_PATCHED.EC at Trend Micro

This file infector may be downloaded unknowingly by a user when visiting malicious Web sites. This is the Trend
Micro detection for copies of the legitimate Windows file USER32.DLL which have been injected with a malicious
code. The patching of the said legitimate file was made as part of the autostart technique of the main
component ...

Slenfbot.C

- Slenfbot.C at Panda

...

Mal/EncPk-FJ

- Mal/EncPk-FJ at Sophos

...

Mal/Wintrim-A

- Mal/Wintrim-A at Sophos

...

Troj/Agent-HNF

- Troj/Agent-HNF at Sophos

...

Troj/Bckdr-QPL

- Troj/Bckdr-QPL at Sophos

...

Troj/BHO-HG

- Troj/BHO-HG at Sophos

Troj/BHO-HG is a Trojan for the Windows platform. When run, Troj/BHO-HG
creates the files: <System>\retasevo.dll - detected as Troj/BHO-HG
<System>\tesawuzo.dll - detected as Troj/BHO-HG <System>\kewuziga.dll - detected as
Troj/BHO-HG ...

Troj/Dload-DP

- Troj/Dload-DP at Sophos

...

Troj/FakeAle-HY

- Troj/FakeAle-HY at Sophos

...

Troj/Fujif-Gen

- Troj/Fujif-Gen at Sophos

Troj/Fujif-Gen is a family of files, usually affected by members of the W32/Fujacks and
W32/Pardona family of viruses. Members of Troj/Fujif-Gen are usually a clean file that
has been modified to include an iframe pointing to remote malicious code.
...

0 writebacks [10/03/2008 04:44] [] permanent link



Virus Malware and Threat News for 20081001



SpywareGuard2008

- SpywareGuard2008 at Norton Symantec

Behavior: SpywareGuard2008 is a misleading application that may give exaggerated reports of threats on the
computer....

Generic Downloader.x!7F17841D

- Generic Downloader.x!7F17841D at McAfee

File Property / Property Value: FileName: l.exe; McAfee Detection: Generic Downloader.x; Length: 74,752 bytes; CRC: 7F17841D
MD5: 36B83762DAE1F99988A303FC70BA15BC; SHA1: B8D43AB2948EC0F3174F2B75B1AD2B6C5AC4B819
Other Common Detection Aliases (Company Name / Detection Name): AVG (GriSoft): generic11.abhq; Avira: TR/Crypt.XPACK.Gen; BitDefender: Trojan.Downloader.Exchanger.Gen.2e...

Generic PUP.x!AF281559

- Generic PUP.x!AF281559 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.x!9F4478F1

- Generic PUP.x!9F4478F1 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic.dx!8DED2898

- Generic.dx!8DED2898 at McAfee

File Property / Property Value: FileName: pwrmgr.exe; McAfee Detection: Generic.dx; Length: 408,576 bytes; CRC: 8DED2898
MD5: 66EEF71251CB79C842FFAC5B02BEE7DF; SHA1: B45CCCFFE3F2F474376DA86FDC84F3366B5A208B
Other Common Detection Aliases (Company Name / Detection Name): Avira: DR/Delphi.Gen; BitDefender: Trojan.Delf.Inject.BB; EMSI Software: Trojan.Crypt.Delf.R!IK; microsoft: VirTo...

Generic PUP.x!81F37BFD

- Generic PUP.x!81F37BFD at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic.dx!F11C1893

- Generic.dx!F11C1893 at McAfee

File Property / Property Value: FileName: yok.exe; McAfee Detection: Generic.dx; Length: 28,672 bytes; CRC: F11C1893
MD5: 274F6C26AFB22FACFBDC6BF521833660; SHA1: D5A60A3AB281679AFE61CA13AAB2F8D3A40550F5
Other Common Detection Aliases (Company Name / Detection Name): Avira: HEUR/Malware; microsoft: browsermodifier:win32/yoksearch; Symantec: Trackware.YokBar; vba32: ~Trojan-Downloade...

Generic.dx!47C3FC43

- Generic.dx!47C3FC43 at McAfee

Avert® Labs has observed the following system activities (Activity / Risk Level): Registers DLLs: Informational
System Changes: These are general defaults for typical path variables. (Although they may differ, these
examples are common.): %WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000);
%SystemDir% = \WINDOWS\SYSTEM (Windo...

Spy-Agent.bw!576F5079

- Spy-Agent.bw!576F5079 at McAfee

File Property / Property Value: FileName: autorun.exe; McAfee Detection: Spy-Agent.bw; Length: 40,448 bytes; CRC: 576F5079
MD5: 54475A28E6BF52D9D126E63865EBD96A; SHA1: C9F8C76EBD30CFB505EC01C986E0582FCC96A0D7
Other Common Detection Aliases (Company Name / Detection Name): F-Prot: Possible W32/Malware!OC-based; Kaspersky: Worm.Win32.AutoRun.prf; Sophos: Troj/Agent-HUH; Symantec: Dow...

W32/Autorun.worm.gen!1C58CF71

- W32/Autorun.worm.gen!1C58CF71 at McAfee

File Property / Property Value: FileName: h.exe; McAfee Detection: W32/Autorun.worm.gen; Length: 15,872 bytes; CRC: 1C58CF71
MD5: 0A7964DE9D3F7B68373CEABEEFB3D0E4; SHA1: CAA0CE0A5D91CD85AA152D7AA311CCA84CBEABB7
Other Common Detection Aliases (Company Name / Detection Name): AVG (GriSoft): Rootkit-Agent.Y; Avira: TR/Crypt.PEPM.Gen; BitDefender: Win32.Worm.Autorun.LW; Dr.Web: DLOADER...

PWS-OnlineGames.cn!AC22D434

- PWS-OnlineGames.cn!AC22D434 at McAfee

File Property / Property Value: FileName: zz.exe; McAfee Detection: PWS-OnlineGames.cn; Length: 125,952 bytes; CRC: AC22D434
MD5: 932D707EE5B89C941648A31900EEFD3D; SHA1: FF2A7F07E20C247F7EC2F29B87153AE8618DEEB0
Other Common Detection Aliases (Company Name / Detection Name): microsoft: pws:win32/onlinegames.er
Avert® Labs has observed the following system activities: Ac...

W32/Spybot.worm.gen!31A4927E

- W32/Spybot.worm.gen!31A4927E at McAfee

File Property / Property Value: FileName: update.exe; McAfee Detection: W32/Spybot.worm.gen; Length: 66,570 bytes; CRC: 31A4927E
MD5: 6E1664F4BA0CFCAC82D8F096E24CA265; SHA1: 40E69B2CD372772BF2A11EA1F18B2F25B7D5F6EB
Other Common Detection Aliases (Company Name / Detection Name): avast: Win32:Trojan-gen {Other}; AVG (GriSoft): BackDoor.Ircbot.FNO; Avira: TR/Dropper.Gen; BitDefender...

Generic PUP.x!A5CB179C

- Generic PUP.x!A5CB179C at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but the...

FakeAlert-AG.gen.a!339D8A05

- FakeAlert-AG.gen.a!339D8A05 at McAfee

File Property | Property Value
FileName | lphcep~1.exe
McAfee Detection | FakeAlert-AG.gen.a
Length | 185,856 bytes
CRC | 339D8A05
MD5 | 560DD7E4B6CB26F64FA0915D0E4A5109
SHA1 | A37EDB8A5AAB74DFFDAEFAA24B13C72960B2B90E

Other Common Detection Aliases
Company Name | Detection Name
eSafe (Alladin) | Suspicious file
Eset | probably a variant of Win32/Statik
microsoft | trojandownlo...

FakeAlert-AG.gen.a!6F4420DC

- FakeAlert-AG.gen.a!6F4420DC at McAfee

File Property | Property Value
FileName | blphce~1.exe
McAfee Detection | Generic Downloader.x
Length | 118,784 bytes
CRC | 6F4420DC
MD5 | 7A534E60E0917B1EABB052379F7DE01D
SHA1 | D0A9C4B42BE4072109724AE9C8B0DE38BDC90242

Other Common Detection Aliases
Company Name | Detection Name
avast | Error
AVG (GriSoft) | downloader.generic7.asei
Avira | JOKE/BlueScreen.D
Eset | Win32/Joke.Blu...

PWS-OnlineGames.cn!0856BB8B

- PWS-OnlineGames.cn!0856BB8B at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cn
Length | 126,464 bytes
CRC | 0856BB8B
MD5 | 5D9F124C75055AB40CA0DA2D197587B5
SHA1 | 3AE3FE406AA65FCC8837C8F1231892E1418400E1

Other Common Detection Aliases
Company Name | Detection Name
microsoft | pws:win32/onlinegames.er

Avert® Labs has observed the following system activities:
Activ...

Generic.dx!9E9610C7

- Generic.dx!9E9610C7 at McAfee

File Property | Property Value
FileName | sample.exe
McAfee Detection | Generic.dx
Length | 483,738 bytes
CRC | 9E9610C7
MD5 | 7E3AA7CE9B0A99684D20D1F9CD9EE70A
SHA1 | C792868B6CA65AE059B485FD08162FF923D6125B

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | Win32/NSAnti
Avira | TR/Crypt.XPACK.Gen
BitDefender | Trojan.Crypt.Delf.AF
eSafe (Alladin) | Suspi...

Generic BackDoor!1CC62A3F

- Generic BackDoor!1CC62A3F at McAfee

File Property | Property Value
FileName | postca~1.exe
McAfee Detection | Generic BackDoor
Length | 81,920 bytes
CRC | 1CC62A3F
MD5 | 8C3A2F174D760338070FB33A1C8452EE
SHA1 | 6F4F0C853999B3E3B0F3DD9360C0EFACDB6FEBFC

Other Common Detection Aliases
Company Name | Detection Name
Avira | TR/Buzus.iij
BitDefender | Trojan.Injector.AF
F-Prot | W32/DelfInject.A.gen!Eldorado
Kaspersky | He...

Generic.dx!9B9EC3F2

- Generic.dx!9B9EC3F2 at McAfee

File Property | Property Value
FileName | ~.exe
McAfee Detection | Generic.dx
Length | 3,072 bytes
CRC | 9B9EC3F2
MD5 | 038DF5ABF9399A2289923692D84B3BEF
SHA1 | 16B54026C169B70653AE0727DCA159B2D6DDFE40

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/Agent.3072.AT
avast | Win32:Agent-ABLX [Trj]
AVG (GriSoft) | Agent.ADJG
Avira | TR/Agent.acir.1
BitDef...

Adware-ISM!E0069B13

- Adware-ISM!E0069B13 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Adware-ISM!C02D83D4

- Adware-ISM!C02D83D4 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Adware-ISM!10F58E02

- Adware-ISM!10F58E02 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic.dx!00055B43

- Generic.dx!00055B43 at McAfee

File Property | Property Value
FileName | 1.exe
McAfee Detection | Generic.dx
Length | 20,029 bytes
CRC | 00055B43
MD5 | D97AE9A39008437D143C7168F27E0BDB
SHA1 | 2C685FF0332C9CC805B442CBFB30C00D396D1346

Other Common Detection Aliases
Company Name | Detection Name
ahnlab | Win-Trojan/MalPacked.Gen
AVG (GriSoft) | Win32/PEMask
Avira | TR/Crypt.XPACK.Gen
BitDefender | Trojan.Dropper.S...

W32/Autorun.worm.gen!F949729C

- W32/Autorun.worm.gen!F949729C at McAfee

File Property | Property Value
FileName | cdos.exe
McAfee Detection | W32/Autorun.worm.gen
Length | 15,872 bytes
CRC | F949729C
MD5 | 3B100D375719F9C97255DB5BEFBBEABB
SHA1 | B9E0D09D85A5BBB6E6A03688374BB01B2159DBF7

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | Killav
Avira | TR/Crypt.PEPM.Gen
BitDefender | Win32.Worm.Autorun.LW
Dr.Web | DLOADER.Troja...

PWS-Banker!0B52DEAD

- PWS-Banker!0B52DEAD at McAfee

File Property | Property Value
FileName | msne.exe
McAfee Detection | PWS-Banker
Length | 1,290,240 bytes
CRC | 0B52DEAD
MD5 | 08AC76E0EA89BAE83D07174ADDB11355
SHA1 | 257C8AEA3CC863BD0C4FC2629959BBEC9C21E9D9

Other Common Detection Aliases
Company Name | Detection Name
Avira | TR/Spy.Banker.Gen
norman | banker.dsrl
Symantec | Bloodhound.Bancos.1
vba32 | Win32.Spy.Banker.PNJ

Avert&re...

Generic Downloader.x!26DD6B41

- Generic Downloader.x!26DD6B41 at McAfee

File Property | Property Value
FileName | intima~1.exe
McAfee Detection | Generic Downloader.x
Length | 108,032 bytes
CRC | 26DD6B41
MD5 | 03D101CFAEEEA41B9F2A29AFAD3B5A90
SHA1 | 4A4C003D870F28005024281F46E128E0C37D0390

Other Common Detection Aliases
Company Name | Detection Name
AVG (GriSoft) | generic11.afaz
Avira | PCK/Molebox
BitDefender | Trojan.Crypt.Delf.B
Dr.Web | Trojan.D...

Adware-PurityScan!4C756A6C

- Adware-PurityScan!4C756A6C at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Puper!2D19DDA9

- Puper!2D19DDA9 at McAfee

File Property | Property Value
FileName | wmcode~1.exe
McAfee Detection | Puper
Length | 407,073 bytes
CRC | 2D19DDA9
MD5 | 12D0BFB3EDA7B61B63145299927A2F48
SHA1 | 66EB6AD2060D8FA0E5D673C4772CA26E327DB969

Other Common Detection Aliases
Company Name | Detection Name
norman | malware.djfr
Symantec | Trojan.Zlob

Avert® Labs has observed the following system activities:
Activ...

FakeAlert-AG.gen.a!14EB3BCB

- FakeAlert-AG.gen.a!14EB3BCB at McAfee

File Property | Property Value
FileName | avir20~1.exe
McAfee Detection | FakeAlert-AG.gen.a
Length | 182,272 bytes
CRC | 14EB3BCB
MD5 | CC88423020ED702D38B158DDA57131B9
SHA1 | 8CD293EE9026272EBBBDE44CB3DB11004F658CE9

Other Common Detection Aliases
Company Name | Detection Name
Kaspersky | Trojan-Downloader.Win32.Small.adyw
microsoft | trojandownloader:win32/renos.gen!aq

Av...

WORM_SMALL.MDZ

- WORM_SMALL.MDZ at Trend Micro

This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It
propagates via the MSN Messenger application and removable drives. It modifies several files to allow itself
maximum network connection. It downloads updated copies of itself from certain URLs. It also attempts to
download files from ...

TROJ_DLOADER.II

- TROJ_DLOADER.II at Trend Micro

This Trojan may be downloaded unknowingly by a user when visiting malicious Web sites. This Trojan is a tool
for creating fake YouTube video pages. Malicious users can use the said tool to create two HTML files that can
be used for malicious purposes, such as redirecting target users to any malicious executable file hosted on
any serv...

Fakegooglebar.Z

- Fakegooglebar.Z at Panda

...

Troj/Agent-HUR

- Troj/Agent-HUR at Sophos

...

Troj/Keygen-CL

- Troj/Keygen-CL at Sophos

...

Troj/KillSys-C

- Troj/KillSys-C at Sophos

...

Troj/PSW-FT

- Troj/PSW-FT at Sophos

...

Troj/Agent-HUQ

- Troj/Agent-HUQ at Sophos

...

Troj/Jumin-H

- Troj/Jumin-H at Sophos

...

Troj/PSW-FS

- Troj/PSW-FS at Sophos

...

Mal/Bifrose-N

- Mal/Bifrose-N at Sophos

...

Troj/Agent-HUP

- Troj/Agent-HUP at Sophos

...

0 writebacks [10/02/2008 04:48] [] permanent link



Virus Malware and Threat News for 20080930



Trojan:W32/Monder.GEN

- Trojan:W32/Monder.GEN at F-Secure

Trojan.Win32.Monder.gen is generic detection of trojans that are involved in the installation of "Virtumonde"
adware/spyware....

Backdoor:W32/IRCBot.DIG

- Backdoor:W32/IRCBot.DIG at F-Secure

A remote administration tool (RAT) which bypasses normal security mechanisms to secretly control a program,
computer or network....

Adware.Webwise

- Adware.Webwise at Norton Symantec

Behavior: Adware.Webwise is an advertising service that analyzes Web traffic from a user and sends tailored
advertisements when visiting participating Web sites. The service is hosted by the Internet Service Provider
and does not require an application to be installed on the computer.
...

Generic PUP.x!F331D110

- Generic PUP.x!F331D110 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Generic PUP.x!4A789A53

- Generic PUP.x!4A789A53 at McAfee

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are
any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of
and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose,
but th...

Spy-Agent.br.dll!DB6F0396

- Spy-Agent.br.dll!DB6F0396 at McAfee

File Property | Property Value
FileName | 506341.exe
McAfee Detection | Spy-Agent.br.dll
Length | 127,528 bytes
CRC | DB6F0396
MD5 | C4830881AFFD3DE91FD1E0DA3235A99A
SHA1 | A3D195826407CD5309A7A433099CAF8846035EA1

Other Common Detection Aliases
Company Name | Detection Name
avast | Win32:Pophot-AM
Avira | BDS/Hupigon.Gen
BitDefender | Trojan.Pophot.D
Dr.Web | Trojan.Hitpop.origin
E...

PWS-OnlineGames.cn!D97351D7

- PWS-OnlineGames.cn!D97351D7 at McAfee

File Property | Property Value
FileName | zz.exe
McAfee Detection | PWS-OnlineGames.cn
Length | 125,440 bytes
CRC | D97351D7
MD5 | DA1C247B1E4B7E80B232C3C20695ECA6
SHA1 | 96722B8CD633C081B4DAE7A1916425B3FB0398E1

Other Common Detection Aliases
Company Name | Detection Name
microsoft | pws:win32/onlinegames.er

Avert® Labs has observed the following system activities:
Ac...

PE_PATCHED.DV

- PE_PATCHED.DV at Trend Micro

This is the Trend Micro detection for copies of a certain legitimate Windows file that have been injected with
malicious code. This file infector may arrive on a system dropped by other malware. Upon execution, it
searches for a certain possibly malicious file on the system and, if found, executes the said file.
...

Mal/Dropper-MAP

- Mal/Dropper-MAP at Sophos

...

Troj/Bancos-BEN

- Troj/Bancos-BEN at Sophos

...

Troj/Bifrose-WJ

- Troj/Bifrose-WJ at Sophos

...

Troj/FakeAle-HX

- Troj/FakeAle-HX at Sophos

...

Troj/Ole2Drop-C

- Troj/Ole2Drop-C at Sophos

...

Troj/Pidief-A

- Troj/Pidief-A at Sophos

...

Troj/Pushdo-W

- Troj/Pushdo-W at Sophos

...

Troj/Agent-HUG

- Troj/Agent-HUG at Sophos

...

Troj/Dloadr-BUG

- Troj/Dloadr-BUG at Sophos

...

W32/Autorun-KQ

- W32/Autorun-KQ at Sophos

When first run W32/Autorun-KQ copies itself to:
<System>\vista.exe

W32/Autorun-KQ creates the following files in logical drives found on the infected computer:
<Root>\autorun.inf - detected as W32/Autorun-KQ
<Root>\a.exe - co...

0 writebacks [10/01/2008 04:47] [] permanent link


