Virus Malware and Threat News for 20081127
Rogue:W32/VirusRemover2008.C - Rogue:W32/VirusRemover2008.C at F-Secure
'Rogue' software is an antivirus or antispyware program that tricks users into buying or installing it,
usually by infecting a user's computer, or by pretending the computer is infected.
...
Worm:W32/Downadup.A - Worm:W32/Downadup.A at F-Secure
A standalone malicious program which uses computer or network resources to make complete copies of itself. May
include code or other malware to damage both the system and the network.
...
Trojan-Downloader:OSX/Jahlev.A - Trojan-Downloader:OSX/Jahlev.A at F-Secure
This type of trojan secretly downloads malicious files from a remote server, then installs and executes the
files....
Adware.OneStep - Adware.OneStep at Norton Symantec
Adware.OneStep is a security risk that installs itself as a browser search plug-in.
...
Packed.Generic.199 - Packed.Generic.199 at Norton Symantec
Packed.Generic.199 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...
Packed.Generic.198 - Packed.Generic.198 at Norton Symantec
Packed.Generic.198 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...
Packed.Generic.197 - Packed.Generic.197 at Norton Symantec
Packed.Generic.197 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...
W32/Conficker.worm - W32/Conficker.worm at McAfee
When executed, the worm copies itself using a random name to the %Sysdir% folder. (Where %Sysdir% is the
Windows system folder; e.g. C:\Windows\System32.) It modifies the following registry key to create a
randomly-named service on the affected system:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\Parameters\"Service...
Conficker.B - Conficker.B at Panda
It exploits the vulnerability MS08-067 in the Windows Server Service in order to spread itself and
download the rogue antimalware detected as Adware/Antivirus2009.
...
BankoLimb.BW - BankoLimb.BW at Panda
It is designed to steal users' banking data related to a certain British banking entity. When they access the
website of this bank, the Trojan adds extra fields to the legitimate website and logs the
information entered. It does not spread automatically using its own means.
...
Mal/BckDr-A - Mal/BckDr-A at Sophos
...
Mal/Seimon-A - Mal/Seimon-A at Sophos
...
Troj/Agent-IIV - Troj/Agent-IIV at Sophos
...
Troj/Agent-IIW - Troj/Agent-IIW at Sophos
...
Troj/Dloadr-CAZ - Troj/Dloadr-CAZ at Sophos
...
Troj/FakeMD5-A - Troj/FakeMD5-A at Sophos
...
Troj/NtRootK-ED - Troj/NtRootK-ED at Sophos
...
Troj/Zlob-Gen - Troj/Zlob-Gen at Sophos
Troj/Zlob-Gen detects members of the Zlob family of Trojan downloaders. The Troj/Zlob-Gen family of Trojans
usually attempt to stealth themselves by injecting themselves into another system process or by registering
themselves as a service process. The typical Troj/Zlob-Gen Trojan may create folders in the <System>
folder and sto...
W32/Autorun-QP - W32/Autorun-QP at Sophos
W32/Autorun-QP is a worm for the Windows platform. W32/Autorun-QP copies
itself to the <SYSTEM> folder and sets a registry entry to run on startup.
W32/Autorun-QP copies itself to removable storage devices when inserted into the computer and creates an
autorun.inf file...
Worm:W32/Autorun.KK - Worm:W32/Autorun.KK at F-Secure
A standalone malicious program which uses computer or network resources to make complete copies of itself. May
include code or other malware to damage both the system and the network.
...
Worm:W32/AutoIt.Q - Worm:W32/AutoIt.Q at F-Secure
This malware spreads by copying itself to removable devices and replacing the autorun.inf of the device with
its own copy to ensure automatic execution.
...
Nakhatar.A - Nakhatar.A at Panda
It carries out several modifications in the Windows Registry, which prevent the computer from working
properly. It disables several options such as the Task Manager and the Folder Options, among others. It
spreads by making copies of itself in all the available system drives.
...
Mal/VidHtml-F - Mal/VidHtml-F at Sophos
Mal/VidHtml-F is a malicious script that attempts to redirect to a malicious executable file.
The script is often found in a page pretending to be YouTube or another video site. The
malicious executable often pretends to be related to a video codec or a Flash update.
...
Troj/Dialer-FW - Troj/Dialer-FW at Sophos
...
Troj/PSW-GA - Troj/PSW-GA at Sophos
...
W32/Insom-A - W32/Insom-A at Sophos
...
W32/Jeff-A - W32/Jeff-A at Sophos
W32/Jeff-A may overwrite file data during infection. As a result, some files may not be recoverable.
...
Mal/Trakil-A - Mal/Trakil-A at Sophos
...
Mal/VidHtml-A - Mal/VidHtml-A at Sophos
Mal/VidHtml-A is a malicious script that attempts to redirect to a malicious executable file.
The script is often found in a page pretending to be YouTube or another video site. The
malicious executable often pretends to be related to a video codec or a Flash update.
...
Mal/WnSpyProt-A - Mal/WnSpyProt-A at Sophos
Mal/WnSpyProt-A is a family of fake Anti-Virus programs.
...
Troj/BDoor-Gen - Troj/BDoor-Gen at Sophos
...
0 writebacks [11/28/2008 06:02]