mwblog.org



Virus Malware and Threat News for 20081227



W32/Waledac

- W32/Waledac at McAfee

Note: Detection for this threat is available as Generic.dx from DAT version 5475. This threat will be detected
as W32/Waledec from DAT version 5478. A spammed message containing an attachment "ecard.exe" arrives
with the following subject lines: "Free christmas Ecards", "Christmas card from a friend", "Merry Xmas!" Given below is
a sc...

TROJ_BANKER.DPX

- TROJ_BANKER.DPX at Trend Micro

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by
users when visiting malicious sites. It monitors the Internet Explorer (IE) activities of the affected system,
specifically the title bar. It recreates a legitimate Web site with a spoofed login page if a user visits
banking sites...

TROJ_ZBOT.ACY

- TROJ_ZBOT.ACY at Trend Micro

This Trojan arrives as a file downloaded from the URL. Upon execution, this malware drops a copy of itself in
the system folder and appends garbage code to the dropped copy to avoid easy detection. It creates the folder
with its attributes set to system and hidden to prevent users from discovering and removing its components. It
cre...

Emogen.B

- Emogen.B at Panda

It is designed to connect to a remote server through which the computer can be remotely controlled
by an attacking user. It does not spread automatically by its own means.
...

Troj/Bckdr-QOZ

- Troj/Bckdr-QOZ at Sophos

Troj/Bckdr-QOZ is a Trojan for the Windows platform. When Troj/Bckdr-QOZ is
installed it creates the file <System>\jomoruho. This file is not malicious and may be deleted.
Troj/Bckdr-QOZ sets the following registry entries, disabling the automatic startup of other
softwa...

VBS/Autorun-ST

- VBS/Autorun-ST at Sophos

VBS/Autorun-ST is a Trojan downloader for the Windows platform.
...

W32/Autorun-SU

- W32/Autorun-SU at Sophos

W32/Autorun-SU is a worm for the Windows platform. W32/Autorun-SU spreads
to other network computers. W32/Autorun-SU includes functionality to access the
internet and communicate with a remote server via HTTP. When first run W32/Autorun-SU
copies itself ...

W32/VB-DOC

- W32/VB-DOC at Sophos

W32/VB-DOC is a worm for the Windows platform. When executed the worm
copies itself to: <Windows>\SYSTEMIL.EXE <Documents and
Settings>\user\Start Menu\Programs\Startup\SYSTEMIL1.EXE <Documents and Settings>\All
Users\Start Menu\Programs...

W32/Waled-B

- W32/Waled-B at Sophos

W32/Waled-B is a worm for the Windows platform. W32/Waled-B includes
functionality to access the internet and communicate with a remote server via HTTP and send itself out using
built-in SMTP client. The worm creates the following registry values to run itself on
Windows start...

Troj/AdClick-FG

- Troj/AdClick-FG at Sophos

...

Troj/Agent-HLE

- Troj/Agent-HLE at Sophos

...

Troj/Agent-HLO

- Troj/Agent-HLO at Sophos

...

Troj/FakeVir-IU

- Troj/FakeVir-IU at Sophos

...

Troj/Agent-ILV

- Troj/Agent-ILV at Sophos

...

Troj/PWS-AXD

- Troj/PWS-AXD at Sophos

...

Troj/DownLnk-A

- Troj/DownLnk-A at Sophos

Troj/DownLnk-A is a Windows Shortcut (.lnk) file which executes a command prompt with parameters
to download and execute a file from the internet.
...

Troj/Waled-C

- Troj/Waled-C at Sophos

Troj/Waled-C is a backdoor Trojan for the Windows platform. When run
Troj/Waled-C sets the following registry entry:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run PromoReg <path to Trojan
executable>
...

Troj/PSW-GG

- Troj/PSW-GG at Sophos

Troj/PSW-GG is a Trojan for the Windows platform. When run Troj/PSW-GG
creates the files: <Windows>\help\<random characters 1>.dll - detected as Troj/PSW-GG
<Windows>\help\<random characters 2>.dll - detected as Troj/PSW-GG
and set...

[12/28/2008 05:51]


