mwblog.org



Virus Malware and Threat News for 20090129



Trojan:W32/Waledac.gen

- Trojan:W32/Waledac.gen at F-Secure

Trojan:W32/Waledac.gen is a generic detection of the Waledac trojan.
...

Trojan:W32/Waledac.A

- Trojan:W32/Waledac.A at F-Secure

A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious,
functions. The program is often started by the user, and it does not usually replicate.
...

Bloodhound.PDF.7

- Bloodhound.PDF.7 at Norton Symantec

Bloodhound.PDF.7 is a heuristic detection for potentially malicious PDF files that may exploit known
vulnerabilities in Adobe Acrobat in order to perform further malicious actions.
...

AquaPlay

- AquaPlay at Panda

It passes itself off as a codec to view videos. Once installed, it downloads the worm Autorun.AST to the
affected computer. It can be downloaded from certain dubious websites, passing itself off as a codec to view videos.
...

Mal/Mdrop-K

- Mal/Mdrop-K at Sophos

...

Troj/Dloadr-CFS

- Troj/Dloadr-CFS at Sophos

...

Troj/FakeAV-JW

- Troj/FakeAV-JW at Sophos

...

Troj/Agent-IRL

- Troj/Agent-IRL at Sophos

Troj/Agent-IRL copies itself to <Temp>\ms<random number>.exe.
Troj/Agent-IRL creates the following registry value:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
InetChk
<Temp>\ms<random value>.exe work
Troj/Agent-IRL continuou...

Troj/Bdoor-ASK

- Troj/Bdoor-ASK at Sophos

...

Troj/Punad-E

- Troj/Punad-E at Sophos

...

Troj/Waled-U

- Troj/Waled-U at Sophos

Troj/Waled-U is a Trojan for the Windows platform. Troj/Waled-U includes
functionality to access the internet and communicate with a remote server via HTTP. The
following registry entry is created to run Troj/Waled-U on startup:
HKLM\SOFTWARE\Microsoft\W...

W32/AutoRun-WB

- W32/AutoRun-WB at Sophos

...

W32/Autorun-WC

- W32/Autorun-WC at Sophos

...

W32/Autorun-WD

- W32/Autorun-WD at Sophos

W32/Autorun-WD creates the file autoinf.ini which is detected as W32/Autorun-VA.
W32/Autorun-WS copies itself to:
<System>\macfee_.exe
<Windows>\macfee_.exe
W32/Autorun-WS creates a scheduled task called at1 to run itself.
...

Infostealer.Nadebanker

- Infostealer.Nadebanker at Norton Symantec

Infostealer.Nadebanker is a Trojan horse that gathers information from the compromised computer.
...

Spyware.KeyProwler

- Spyware.KeyProwler at Norton Symantec

Behavior: Spyware.KeyProwler is a spyware program that logs keystrokes typed into the computer.
...

WORM_RAKAB.A

- WORM_RAKAB.A at Trend Micro

This worm may be dropped by other malware. It drops multiple files on the affected system, including a copy of
itself. It drops a copy of itself in all physical and removable drives. It also drops an AUTORUN.INF file to
automatically execute dropped copies when the drives are accessed.
...

WORM_SILLY.KAX

- WORM_SILLY.KAX at Trend Micro

This worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be
downloaded from certain remote sites. It may be downloaded unknowingly by a user when visiting malicious Web
sites. It creates folders. It drops copies of itself. It injects threads into normal processes. It creates
registry en...

Mal/Alureon-C

- Mal/Alureon-C at Sophos

...

Troj/Dloadr-CFW

- Troj/Dloadr-CFW at Sophos

...

Troj/Agent-ISR

- Troj/Agent-ISR at Sophos

...

Troj/Agent-IST

- Troj/Agent-IST at Sophos

...

Troj/Dload-EX

- Troj/Dload-EX at Sophos

...

Troj/Mdrop-BYP

- Troj/Mdrop-BYP at Sophos

...

Troj/Proxy-IV

- Troj/Proxy-IV at Sophos

...

Troj/PWSteal-G

- Troj/PWSteal-G at Sophos

Troj/PWSteal-G is a password stealing Trojan for the Windows platform. When
Troj/PWSteal-G is installed the following files are created:
<Program Files>\Explorer\keys.txt
<Program Files>\Explorer\crs.exe
<Windows>\megangoodslideshow1.exe...

Troj/Zbot-CC

- Troj/Zbot-CC at Sophos

...

[01/30/2009 22:43]


