mwblog.org



Virus Malware and Threat News for 20090730



Suspicious.Cinmeng

- Suspicious.Cinmeng at Norton Symantec

Suspicious.Cinmeng is a detection technology designed to detect entirely new malware threats without
traditional signatures. This technology is aimed at detecting malicious software that has been intentionally
mutated or morphed by attackers.
...

AL/Utax-A

- AL/Utax-A at Sophos

AL/Utax-A arrives as the file acaddoc.fas and will attempt to load acad.reg.
...

Mal/RusDrp-A

- Mal/RusDrp-A at Sophos

...

Mal/Wintrim-B

- Mal/Wintrim-B at Sophos

...

Troj/Agent-KRR

- Troj/Agent-KRR at Sophos

...

Troj/Agent-KRS

- Troj/Agent-KRS at Sophos

...

Troj/FakeAle-OV

- Troj/FakeAle-OV at Sophos

...

Troj/FakeAle-OW

- Troj/FakeAle-OW at Sophos

...

Troj/FakeAle-OX

- Troj/FakeAle-OX at Sophos

...

W32/Autorun-ANF

- W32/Autorun-ANF at Sophos

W32/Autorun-ANF is a worm for the Windows platform. When run
W32/Autorun-ANF creates the following files: <System>\28463\svchost.001
<System>\28463\svchost.exe <System>\regsvr.exe <System>\setup.ini
<Window...

Mal/EncPk-JM

- Mal/EncPk-JM at Sophos

...

007AntiSpyware

- 007AntiSpyware at Norton Symantec

...

Mal/BredoPk-B

- Mal/BredoPk-B at Sophos

Mal/BredoPk-B is a family of Trojans which are typically mass-mailed via spam and have
functionality to download and execute malware.
...

Mal/EncPk-JO

- Mal/EncPk-JO at Sophos

...

Troj/Agent-KSD

- Troj/Agent-KSD at Sophos

...

Troj/BKit-A

- Troj/BKit-A at Sophos

...

Troj/FakeAV-WQ

- Troj/FakeAV-WQ at Sophos

...

W32/AutoIt-FK

- W32/AutoIt-FK at Sophos

...

Mal/BKitDrp-A

- Mal/BKitDrp-A at Sophos

Mal/BKitDrp-A is a MBR rootkit installer.
...

Troj/Agent-KRZ

- Troj/Agent-KRZ at Sophos

...

Troj/Agent-KSC

- Troj/Agent-KSC at Sophos

...

[07/31/2009 21:47]



Virus Malware and Threat News for 20090729



RegistryEasy

- RegistryEasy at Norton Symantec

RegistryEasy is a potentially unwanted application that is being promoted through aggressive means.
...

JS_OWCREF.A

- JS_OWCREF.A at Trend Micro

...

Troj/FakeAV-WP

- Troj/FakeAV-WP at Sophos

...

Troj/Mdrop-CEK

- Troj/Mdrop-CEK at Sophos

...

W32/AutoRun-AMZ

- W32/AutoRun-AMZ at Sophos

...

W32/Autorun-ANA

- W32/Autorun-ANA at Sophos

W32/Autorun-ANA spreads by copying itself to removable devices such as USB sticks.
W32/Autorun-ANA copies itself to the <profile> folder as a hidden file and creates the following
registry entry to run itself on system restart:
HKCU\Software\Microsoft\Windows\CurrentVers...

W32/AutoRun-ANB

- W32/AutoRun-ANB at Sophos

...

W32/Autorun-ANC

- W32/Autorun-ANC at Sophos

...

JS/Agent-KRL

- JS/Agent-KRL at Sophos

...

Troj/Agent-KRM

- Troj/Agent-KRM at Sophos

...

Troj/Clicker-FK

- Troj/Clicker-FK at Sophos

...

XM/Laroux-AP

- XM/Laroux-AP at Sophos

XM/Laroux-AP is a variant of XM/Laroux which uses the file ECSYSTEM.XLS to store itself.
...

Suspicious.Cinmeng

- Suspicious.Cinmeng at Norton Symantec

Suspicious.Cinmeng is a detection technology designed to detect entirely new malware threats without
traditional signatures. This technology is aimed at detecting malicious software that has been intentionally
mutated or morphed by attackers.
...

AL/Utax-A

- AL/Utax-A at Sophos

AL/Utax-A arrives as the file acaddoc.fas and will attempt to load acad.reg.
...

Mal/RusDrp-A

- Mal/RusDrp-A at Sophos

...

Mal/Wintrim-B

- Mal/Wintrim-B at Sophos

...

Troj/Agent-KRR

- Troj/Agent-KRR at Sophos

...

Troj/Agent-KRS

- Troj/Agent-KRS at Sophos

...

Troj/FakeAle-OV

- Troj/FakeAle-OV at Sophos

...

Troj/FakeAle-OW

- Troj/FakeAle-OW at Sophos

...

Troj/FakeAle-OX

- Troj/FakeAle-OX at Sophos

...

W32/Autorun-ANF

- W32/Autorun-ANF at Sophos

W32/Autorun-ANF is a worm for the Windows platform. When run
W32/Autorun-ANF creates the following files: <System>\28463\svchost.001
<System>\28463\svchost.exe <System>\regsvr.exe <System>\setup.ini
<Window...

Mal/EncPk-JM

- Mal/EncPk-JM at Sophos

...

[07/30/2009 21:51]



Virus Malware and Threat News for 20090728



Hacktool.Stonedbootkit

- Hacktool.Stonedbootkit at Norton Symantec

Hacktool.Stonedbootkit is a Trojan horse that installs Boot.Stonedbootkit on the compromised computer.
...

Boot.Stonedbootkit

- Boot.Stonedbootkit at Norton Symantec

Boot.Stonedbootkit is a virus that infects the master boot record (MBR) on the compromised computer.
...

Troj/Bankr-E

- Troj/Bankr-E at Sophos

...

Troj/FakeAle-OS

- Troj/FakeAle-OS at Sophos

...

Troj/Mdrop-CEI

- Troj/Mdrop-CEI at Sophos

...

Troj/NTRoot-E

- Troj/NTRoot-E at Sophos

...

Troj/SFCHck-A

- Troj/SFCHck-A at Sophos

...

W32/AutoIt-FH

- W32/AutoIt-FH at Sophos

...

Troj/DarkMoon-B

- Troj/DarkMoon-B at Sophos

...

Troj/PDFEx-BN

- Troj/PDFEx-BN at Sophos

...

Troj/PWS-BCP

- Troj/PWS-BCP at Sophos

...

Troj/Zbot-GX

- Troj/Zbot-GX at Sophos

...

RegistryEasy

- RegistryEasy at Norton Symantec

RegistryEasy is a potentially unwanted application that is being promoted through aggressive means.
...

JS_OWCREF.A

- JS_OWCREF.A at Trend Micro

...

Troj/FakeAV-WP

- Troj/FakeAV-WP at Sophos

...

Troj/Mdrop-CEK

- Troj/Mdrop-CEK at Sophos

...

W32/AutoRun-AMZ

- W32/AutoRun-AMZ at Sophos

...

W32/Autorun-ANA

- W32/Autorun-ANA at Sophos

W32/Autorun-ANA spreads by copying itself to removable devices such as USB sticks.
W32/Autorun-ANA copies itself to the <profile> folder as a hidden file and creates the following
registry entry to run itself on system restart:
HKCU\Software\Microsoft\Windows\CurrentVers...

W32/AutoRun-ANB

- W32/AutoRun-ANB at Sophos

...

W32/Autorun-ANC

- W32/Autorun-ANC at Sophos

...

JS/Agent-KRL

- JS/Agent-KRL at Sophos

...

Troj/Agent-KRM

- Troj/Agent-KRM at Sophos

...

Troj/Clicker-FK

- Troj/Clicker-FK at Sophos

...

XM/Laroux-AP

- XM/Laroux-AP at Sophos

XM/Laroux-AP is a variant of XM/Laroux which uses the file ECSYSTEM.XLS to store itself.
...

[07/29/2009 21:42]



Virus Malware and Threat News for 20090727



Trojan.Interrupdate

- Trojan.Interrupdate at Norton Symantec

Trojan.Interrupdate is a Trojan horse that lowers security settings.
...

AVCare

- AVCare at Norton Symantec

AVCare is a misleading application that may give exaggerated reports of threats on the computer.
...

Trojan.Downexec.F!inf

- Trojan.Downexec.F!inf at Norton Symantec

Trojan.Downexec.F!inf is a detection for files infected with code that downloads and executes potentially
malicious files....

Troj/Agent-KQX

- Troj/Agent-KQX at Sophos

...

Troj/Agent-KQY

- Troj/Agent-KQY at Sophos

...

Troj/Agent-KQZ

- Troj/Agent-KQZ at Sophos

...

Troj/FakeAv-WL

- Troj/FakeAv-WL at Sophos

...

Troj/Agent-KQV

- Troj/Agent-KQV at Sophos

...

Troj/Agent-KQW

- Troj/Agent-KQW at Sophos

Troj/Agent-KQW is a Trojan for the Windows platform. When run
Troj/Agent-KQW creates the following registry entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run cmuc <path to Trojan
executable>
...

Troj/Dropr-BI

- Troj/Dropr-BI at Sophos

...

Troj/DwnLdr-HUW

- Troj/DwnLdr-HUW at Sophos

...

Troj/DwnLdr-HUX

- Troj/DwnLdr-HUX at Sophos

...

Troj/FakeAV-WK

- Troj/FakeAV-WK at Sophos

...

Hacktool.Stonedbootkit

- Hacktool.Stonedbootkit at Norton Symantec

Hacktool.Stonedbootkit is a Trojan horse that installs Boot.Stonedbootkit on the compromised computer.
...

Boot.Stonedbootkit

- Boot.Stonedbootkit at Norton Symantec

Boot.Stonedbootkit is a virus that infects the master boot record (MBR) on the compromised computer.
...

Troj/Bankr-E

- Troj/Bankr-E at Sophos

...

Troj/FakeAle-OS

- Troj/FakeAle-OS at Sophos

...

Troj/Mdrop-CEI

- Troj/Mdrop-CEI at Sophos

...

Troj/NTRoot-E

- Troj/NTRoot-E at Sophos

...

Troj/SFCHck-A

- Troj/SFCHck-A at Sophos

...

W32/AutoIt-FH

- W32/AutoIt-FH at Sophos

...

Troj/DarkMoon-B

- Troj/DarkMoon-B at Sophos

...

Troj/PDFEx-BN

- Troj/PDFEx-BN at Sophos

...

Troj/PWS-BCP

- Troj/PWS-BCP at Sophos

...

Troj/Zbot-GX

- Troj/Zbot-GX at Sophos

...

[07/28/2009 21:44]



Virus Malware and Threat News for 20090726



BKDR_PCCLIEN.DAF

- BKDR_PCCLIEN.DAF at Trend Micro

This backdoor may be dropped by other malware. It may be downloaded unknowingly by a user when visiting
malicious Web site(s). It drops several component file(s). It executes a dropped .BAT file that contains several
commands intended to perform different routines on the affected system. Upon execution of a certain .EXE file
that is als...

W32/AutoRun-AMW

- W32/AutoRun-AMW at Sophos

W32/AutoRun-AMW is a worm for the Windows platform. When the application is
installed it makes copies of itself with the same name as each folder in the root of each drive e.g.:
<Root>\Documents and Settings.exe <Root>\Program Files.exe
<Ro...

Troj/Agent-KQR

- Troj/Agent-KQR at Sophos

Troj/Agent-KQR is a backdoor Trojan for the Windows platform. When run,
Troj/Agent-KQR sets the following registry entry:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run <name of Trojan executable>
<path to Trojan executable>

Troj/Agent-KQS

- Troj/Agent-KQS at Sophos

...

Troj/Bckdr-QXD

- Troj/Bckdr-QXD at Sophos

...

Troj/Bifrose-XX

- Troj/Bifrose-XX at Sophos

...

Troj/Mdrop-CEH

- Troj/Mdrop-CEH at Sophos

Troj/Mdrop-CEH is a Trojan for the Windows platform. When run
Troj/Mdrop-CEH creates the file: <System>\firewal.exe - detected as
Troj/Agent-KQR...

Troj/Agent-KQQ

- Troj/Agent-KQQ at Sophos

...

Troj/PSW-HB

- Troj/PSW-HB at Sophos

...

Troj/PSW-HC

- Troj/PSW-HC at Sophos

Troj/PSW-HC is a Trojan for the Windows platform. When run Troj/PSW-HC
creates the files: <Root>\arabic_attackers.exe - this file can be safely removed
<Root>\list.txt - this file can be safely removed <Root>\MsnPass.exe - detected as
Troj/PSW-HC...

Troj/VB-EFR

- Troj/VB-EFR at Sophos

...

Trojan.Interrupdate

- Trojan.Interrupdate at Norton Symantec

Trojan.Interrupdate is a Trojan horse that lowers security settings.
...

AVCare

- AVCare at Norton Symantec

AVCare is a misleading application that may give exaggerated reports of threats on the computer.
...

Trojan.Downexec.F!inf

- Trojan.Downexec.F!inf at Norton Symantec

Trojan.Downexec.F!inf is a detection for files infected with code that downloads and executes potentially
malicious files....

Troj/Agent-KQX

- Troj/Agent-KQX at Sophos

...

Troj/Agent-KQY

- Troj/Agent-KQY at Sophos

...

Troj/Agent-KQZ

- Troj/Agent-KQZ at Sophos

...

Troj/FakeAv-WL

- Troj/FakeAv-WL at Sophos

...

Troj/Agent-KQV

- Troj/Agent-KQV at Sophos

...

Troj/Agent-KQW

- Troj/Agent-KQW at Sophos

Troj/Agent-KQW is a Trojan for the Windows platform. When run
Troj/Agent-KQW creates the following registry entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run cmuc <path to Trojan
executable>
...

Troj/Dropr-BI

- Troj/Dropr-BI at Sophos

...

Troj/DwnLdr-HUW

- Troj/DwnLdr-HUW at Sophos

...

Troj/DwnLdr-HUX

- Troj/DwnLdr-HUX at Sophos

...

Troj/FakeAV-WK

- Troj/FakeAV-WK at Sophos

...

[07/27/2009 21:41]



Virus Malware and Threat News for 20090725



Suspicious.S.Vundo.4

- Suspicious.S.Vundo.4 at Norton Symantec

Suspicious.S.Vundo.4 is a detection technology designed to detect entirely new malware threats without
traditional signatures. This technology is aimed at detecting malicious software that has been intentionally
mutated or morphed by attackers.
...

Trojan.Ransompage

- Trojan.Ransompage at Norton Symantec

Trojan.Ransompage is a Trojan horse that displays an image on predetermined Web Browsers.
...

Troj/Agent-KQP

- Troj/Agent-KQP at Sophos

...

Troj/Agent-KQN

- Troj/Agent-KQN at Sophos

...

Troj/Agent-KQO

- Troj/Agent-KQO at Sophos

...

Troj/Bifrose-XU

- Troj/Bifrose-XU at Sophos

...

Troj/Bifrose-XV

- Troj/Bifrose-XV at Sophos

...

Troj/Bifrose-XW

- Troj/Bifrose-XW at Sophos

...

W32/AutoRun-AMV

- W32/AutoRun-AMV at Sophos

...

Troj/Agent-KQM

- Troj/Agent-KQM at Sophos

...

BKDR_PCCLIEN.DAF

- BKDR_PCCLIEN.DAF at Trend Micro

This backdoor may be dropped by other malware. It may be downloaded unknowingly by a user when visiting
malicious Web site(s). It drops several component file(s). It executes a dropped .BAT file that contains several
commands intended to perform different routines on the affected system. Upon execution of a certain .EXE file
that is als...

W32/AutoRun-AMW

- W32/AutoRun-AMW at Sophos

W32/AutoRun-AMW is a worm for the Windows platform. When the application is
installed it makes copies of itself with the same name as each folder in the root of each drive e.g.:
<Root>\Documents and Settings.exe <Root>\Program Files.exe
<Ro...

Troj/Agent-KQR

- Troj/Agent-KQR at Sophos

Troj/Agent-KQR is a backdoor Trojan for the Windows platform. When run,
Troj/Agent-KQR sets the following registry entry:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run <name of Trojan executable>
<path to Trojan executable>

Troj/Agent-KQS

- Troj/Agent-KQS at Sophos

...

Troj/Bckdr-QXD

- Troj/Bckdr-QXD at Sophos

...

Troj/Bifrose-XX

- Troj/Bifrose-XX at Sophos

...

Troj/Mdrop-CEH

- Troj/Mdrop-CEH at Sophos

Troj/Mdrop-CEH is a Trojan for the Windows platform. When run
Troj/Mdrop-CEH creates the file: <System>\firewal.exe - detected as
Troj/Agent-KQR...

Troj/Agent-KQQ

- Troj/Agent-KQQ at Sophos

...

Troj/PSW-HB

- Troj/PSW-HB at Sophos

...

Troj/PSW-HC

- Troj/PSW-HC at Sophos

Troj/PSW-HC is a Trojan for the Windows platform. When run Troj/PSW-HC
creates the files: <Root>\arabic_attackers.exe - this file can be safely removed
<Root>\list.txt - this file can be safely removed <Root>\MsnPass.exe - detected as
Troj/PSW-HC...

Troj/VB-EFR

- Troj/VB-EFR at Sophos

...

[07/26/2009 21:41]



Virus Malware and Threat News for 20090724



Suspicious.S.Gen.1

- Suspicious.S.Gen.1 at Norton Symantec

Suspicious.S.Gen.1 is a detection technology designed to detect entirely new malware threats without
traditional signatures. This technology is aimed at detecting malicious software that has been intentionally
mutated or morphed by attackers.
...

Downloader.Wowick

- Downloader.Wowick at Norton Symantec

Downloader.Wowick is a Trojan horse that may download files on to the compromised computer.
...

TROJ_FAKEAV.FT

- TROJ_FAKEAV.FT at Trend Micro

This Trojan has received attention from independent media sources and/or other security firms. It may be
downloaded from certain remote sites by other malware detected by Trend Micro as HTML_FAKEAV.FT. It may also
be downloaded unknowingly by a user when visiting malicious Web sites. It may be hosted on a Web site and run
when a user ...

HTML_FAKEAV.FT

- HTML_FAKEAV.FT at Trend Micro

This malicious HTML script has received attention from independent media sources and/or other security firms.
It is a script hosted on a malicious site. Upon execution, it displays fake alerts that warn users of
infection. It also displays fake scanning results of the affected system. These fake pop-ups then lead users
to download a ...

Troj/BredoZp-B

- Troj/BredoZp-B at Sophos

...

Troj/Agent-KQK

- Troj/Agent-KQK at Sophos

...

Troj/BredoZp-A

- Troj/BredoZp-A at Sophos

...

Troj/StartP-CB

- Troj/StartP-CB at Sophos

...

Troj/Bredo-B

- Troj/Bredo-B at Sophos

...

Mal/Bredo-A

- Mal/Bredo-A at Sophos

Mal/Bredo-A is a malicious program sent out via spam.
...

Mal/BredoPk-A

- Mal/BredoPk-A at Sophos

Mal/BredoPk-A is a member of a family of malware which is typically mass-mailed.
...

Mal/Zlob-AJ

- Mal/Zlob-AJ at Sophos

...

Troj/Agent-KQJ

- Troj/Agent-KQJ at Sophos

Troj/Agent-KQJ is a Trojan for the Windows platform. When installed
Troj/Agent-KQJ copies itself to: <System>\userinit.exe The original
userinit.exe is copied to stu2.exe.
...

Suspicious.S.Vundo.4

- Suspicious.S.Vundo.4 at Norton Symantec

Suspicious.S.Vundo.4 is a detection technology designed to detect entirely new malware threats without
traditional signatures. This technology is aimed at detecting malicious software that has been intentionally
mutated or morphed by attackers.
...

Trojan.Ransompage

- Trojan.Ransompage at Norton Symantec

Trojan.Ransompage is a Trojan horse that displays an image on predetermined Web Browsers.
...

Troj/Agent-KQP

- Troj/Agent-KQP at Sophos

...

Troj/Agent-KQN

- Troj/Agent-KQN at Sophos

...

Troj/Agent-KQO

- Troj/Agent-KQO at Sophos

...

Troj/Bifrose-XU

- Troj/Bifrose-XU at Sophos

...

Troj/Bifrose-XV

- Troj/Bifrose-XV at Sophos

...

Troj/Bifrose-XW

- Troj/Bifrose-XW at Sophos

...

W32/AutoRun-AMV

- W32/AutoRun-AMV at Sophos

...

Troj/Agent-KQM

- Troj/Agent-KQM at Sophos

...

[07/25/2009 21:49]



Virus Malware and Threat News for 20090723



Trojan-Dropper:W32/Blocker.A

- Trojan-Dropper:W32/Blocker.A at F-Secure

...

Trojan:W32/Agent.AF

- Trojan:W32/Agent.AF at F-Secure

...

Trojan.Swifi

- Trojan.Swifi at Norton Symantec

Trojan.Swifi is a Trojan horse that exploits a vulnerability in Adobe Flash Player and may be downloaded from
a Web site....

W32.Palevo

- W32.Palevo at Norton Symantec

W32.Palevo is a worm that spreads through removable drives.
...

Bloodhound.Exploit.265

- Bloodhound.Exploit.265 at Norton Symantec

Bloodhound.Exploit.265 is a heuristic detection for the files which exploit Microsoft Office Web Components
ActiveX Control 'Evaluate()' Insecure Method Vulnerability (BID 35642).
...

TROJ_PIDIEF.ANQ

- TROJ_PIDIEF.ANQ at Trend Micro

This Trojan exploits a 0-day vulnerability in Adobe Reader version 9.1.2 and Flash Player 9 and 10. This
specially crafted PDF file contains an embedded malicious Flash application which when viewed by a user may
allow a malicious user to take control over an affected system. More information on this vulnerability can be
found below:A...

Troj/Agent-KQG

- Troj/Agent-KQG at Sophos

...

Troj/Agent-KQH

- Troj/Agent-KQH at Sophos

...

Mal/Smorph-A

- Mal/Smorph-A at Sophos

...

Troj/Agent-KQE

- Troj/Agent-KQE at Sophos

...

Troj/Bank-R

- Troj/Bank-R at Sophos

Troj/Bank-R is a Trojan for the Windows platform. Troj/Bank-R is spread via
bank phishing emails. Troj/Bank-R includes functionality to access the internet and
communicate with a remote server via HTTP.  When first run Troj/Bank-R copies
itself to ...

Troj/Bank-S

- Troj/Bank-S at Sophos

...

Troj/Bckdr-QXA

- Troj/Bckdr-QXA at Sophos

...

Troj/Dloadr-CQP

- Troj/Dloadr-CQP at Sophos

...

Troj/FakeAV-WJ

- Troj/FakeAV-WJ at Sophos

...

Troj/KeyLog-LQ

- Troj/KeyLog-LQ at Sophos

...

Suspicious.S.Gen.1

- Suspicious.S.Gen.1 at Norton Symantec

Suspicious.S.Gen.1 is a detection technology designed to detect entirely new malware threats without
traditional signatures. This technology is aimed at detecting malicious software that has been intentionally
mutated or morphed by attackers.
...

Downloader.Wowick

- Downloader.Wowick at Norton Symantec

Downloader.Wowick is a Trojan horse that may download files on to the compromised computer.
...

TROJ_FAKEAV.FT

- TROJ_FAKEAV.FT at Trend Micro

This Trojan has received attention from independent media sources and/or other security firms. It may be
downloaded from certain remote sites by other malware detected by Trend Micro as HTML_FAKEAV.FT. It may also
be downloaded unknowingly by a user when visiting malicious Web sites. It may be hosted on a Web site and run
when a user ...

HTML_FAKEAV.FT

- HTML_FAKEAV.FT at Trend Micro

This malicious HTML script has received attention from independent media sources and/or other security firms.
It is a script hosted on a malicious site. Upon execution, it displays fake alerts that warn users of
infection. It also displays fake scanning results of the affected system. These fake pop-ups then lead users
to download a ...

Troj/BredoZp-B

- Troj/BredoZp-B at Sophos

...

Troj/Agent-KQK

- Troj/Agent-KQK at Sophos

...

Troj/BredoZp-A

- Troj/BredoZp-A at Sophos

...

Troj/StartP-CB

- Troj/StartP-CB at Sophos

...

Troj/Bredo-B

- Troj/Bredo-B at Sophos

...

Mal/Bredo-A

- Mal/Bredo-A at Sophos

Mal/Bredo-A is a malicious program sent out via spam.
...

Mal/BredoPk-A

- Mal/BredoPk-A at Sophos

Mal/BredoPk-A is a member of a family of malware which is typically mass-mailed.
...

Mal/Zlob-AJ

- Mal/Zlob-AJ at Sophos

...

Troj/Agent-KQJ

- Troj/Agent-KQJ at Sophos

Troj/Agent-KQJ is a Trojan for the Windows platform. When installed
Troj/Agent-KQJ copies itself to: <System>\userinit.exe The original
userinit.exe is copied to stu2.exe.
...

[07/24/2009 21:46]



Virus Malware and Threat News for 20090722



W32.SillyFDC.BCP

- W32.SillyFDC.BCP at Norton Symantec

W32.SillyFDC.BCP is a worm that spreads by copying itself to removable drives.
...

Trojan.Ransomlock.B

- Trojan.Ransomlock.B at Norton Symantec

Trojan.Ransomlock.B is a Trojan horse that locks the desktop making the computer unusable.
...

Trojan.Pidief.G

- Trojan.Pidief.G at Norton Symantec

Trojan.Pidief.G is a Trojan horse that arrives in a .pdf file and exploits a vulnerability in Adobe Flash
Player....

TROJ_AGENT.HOZZ

- TROJ_AGENT.HOZZ at Trend Micro

This Trojan may be downloaded from remote sites by other malware. It may be downloaded unknowingly by a user
when visiting malicious Web sites. It may be hosted on a Web site and run when a user accesses the said Web
site. It drops component files, some of which are detected by Trend Micro as TROJ_DLOADR.APL. This Trojan
creates a reg...

Mal/PWS-AB

- Mal/PWS-AB at Sophos

...

Troj/Agent-KOA

- Troj/Agent-KOA at Sophos

...

Troj/Agent-KOB

- Troj/Agent-KOB at Sophos

Troj/Agent-KOB is a Trojan for the Windows platform. When Troj/Agent-KOB is
installed it creates the file <Windows>\svchost.exe. The following registry entry
is created to run svchost.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\R...

Troj/Agent-KOC

- Troj/Agent-KOC at Sophos

...

Troj/Agent-KOD

- Troj/Agent-KOD at Sophos

...

Troj/Agent-KOF

- Troj/Agent-KOF at Sophos

...

Troj/Agent-KPZ

- Troj/Agent-KPZ at Sophos

...

Troj/Dwnldr-HUS

- Troj/Dwnldr-HUS at Sophos

...

Troj/PDFEx-BK

- Troj/PDFEx-BK at Sophos

...

Trojan-Dropper:W32/Blocker.A

- Trojan-Dropper:W32/Blocker.A at F-Secure

...

Trojan:W32/Agent.AF

- Trojan:W32/Agent.AF at F-Secure

...

Trojan.Swifi

- Trojan.Swifi at Norton Symantec

Trojan.Swifi is a Trojan horse that exploits a vulnerability in Adobe Flash Player and may be downloaded from
a Web site....

W32.Palevo

- W32.Palevo at Norton Symantec

W32.Palevo is a worm that spreads through removable drives.
...

Bloodhound.Exploit.265

- Bloodhound.Exploit.265 at Norton Symantec

Bloodhound.Exploit.265 is a heuristic detection for the files which exploit Microsoft Office Web Components
ActiveX Control 'Evaluate()' Insecure Method Vulnerability (BID 35642).
...

TROJ_PIDIEF.ANQ

- TROJ_PIDIEF.ANQ at Trend Micro

This Trojan exploits a 0-day vulnerability in Adobe Reader version 9.1.2 and Flash Player 9 and 10. This
specially crafted PDF file contains an embedded malicious Flash application which when viewed by a user may
allow a malicious user to take control over an affected system. More information on this vulnerability can be
found below:A...

Troj/Agent-KQG

- Troj/Agent-KQG at Sophos

...

Troj/Agent-KQH

- Troj/Agent-KQH at Sophos

...

Mal/Smorph-A

- Mal/Smorph-A at Sophos

...

Troj/Agent-KQE

- Troj/Agent-KQE at Sophos

...

Troj/Bank-R

- Troj/Bank-R at Sophos

Troj/Bank-R is a Trojan for the Windows platform. Troj/Bank-R is spread via
bank phishing emails. Troj/Bank-R includes functionality to access the internet and
communicate with a remote server via HTTP.  When first run Troj/Bank-R copies
itself to ...

Troj/Bank-S

- Troj/Bank-S at Sophos

...

Troj/Bckdr-QXA

- Troj/Bckdr-QXA at Sophos

...

Troj/Dloadr-CQP

- Troj/Dloadr-CQP at Sophos

...

Troj/FakeAV-WJ

- Troj/FakeAV-WJ at Sophos

...

Troj/KeyLog-LQ

- Troj/KeyLog-LQ at Sophos

...

[07/23/2009 21:43]



Virus Malware and Threat News for 20090721



SpySniper

- SpySniper at Norton Symantec

SpySniper is a misleading application that may give exaggerated reports of threats on the computer.
...

Mal/EncPk-HW

- Mal/EncPk-HW at Sophos

...

Troj/Agent-KPT

- Troj/Agent-KPT at Sophos

...

Troj/Agent-KPU

- Troj/Agent-KPU at Sophos

Troj/Agent-KPU is a Trojan for the Windows platform. When Troj/Agent-KPU is
installed the following files are created: <System>\UsrClassEx.exe
<System>\kklog <Temp>\Novel H1N1 Flu Situation Update.doc The
file UsrC...

Troj/BHO-NA

- Troj/BHO-NA at Sophos

...

Troj/Dloadr-CQM

- Troj/Dloadr-CQM at Sophos

...

Troj/Drop-DC

- Troj/Drop-DC at Sophos

...

Troj/Dwnldr-HUR

- Troj/Dwnldr-HUR at Sophos

...

Troj/Midgare-B

- Troj/Midgare-B at Sophos

...

Troj/PDFJS-BX

- Troj/PDFJS-BX at Sophos

...

W32/Autorun-AMK

- W32/Autorun-AMK at Sophos

W32/Autorun-AMK is a worm for the Windows platform. When W32/Autorun-AMK is
installed the following file is created: <System>\user.exe
The following registry entry is created to run user.exe on startup:
HKLM\SOFTWARE\Microsof...

W32.SillyFDC.BCP

- W32.SillyFDC.BCP at Norton Symantec

W32.SillyFDC.BCP is a worm that spreads by copying itself to removable drives.
...

Trojan.Ransomlock.B

- Trojan.Ransomlock.B at Norton Symantec

Trojan.Ransomlock.B is a Trojan horse that locks the desktop making the computer unusable.
...

Trojan.Pidief.G

- Trojan.Pidief.G at Norton Symantec

Trojan.Pidief.G is a Trojan horse that arrives in a .pdf file and exploits a vulnerability in Adobe Flash
Player....

TROJ_AGENT.HOZZ

- TROJ_AGENT.HOZZ at Trend Micro

This Trojan may be downloaded from remote sites by other malware. It may be downloaded unknowingly by a user
when visiting malicious Web sites. It may be hosted on a Web site and run when a user accesses the said Web
site. It drops component files, some of which are detected by Trend Micro as TROJ_DLOADR.APL. This Trojan
creates a reg...

Mal/PWS-AB

- Mal/PWS-AB at Sophos

...

Troj/Agent-KOA

- Troj/Agent-KOA at Sophos

...

Troj/Agent-KOB

- Troj/Agent-KOB at Sophos

Troj/Agent-KOB is a Trojan for the Windows platform. When Troj/Agent-KOB is
installed it creates the file <Windows>\svchost.exe. The following registry entry
is created to run svchost.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\R...

Troj/Agent-KOC

- Troj/Agent-KOC at Sophos

...

Troj/Agent-KOD

- Troj/Agent-KOD at Sophos

...

Troj/Agent-KOF

- Troj/Agent-KOF at Sophos

...

Troj/Agent-KPZ

- Troj/Agent-KPZ at Sophos

...

Troj/Dwnldr-HUS

- Troj/Dwnldr-HUS at Sophos

...

Troj/PDFEx-BK

- Troj/PDFEx-BK at Sophos

...

[07/22/2009 21:47]



Virus Malware and Threat News for 20090720



Trojan.Matem

- Trojan.Matem at Norton Symantec

Trojan.Matem is a Trojan horse that may download files on to the compromised computer.
...

SymbOS.Exy.D

- SymbOS.Exy.D at Norton Symantec

SymbOS.Exy.D is a Trojan horse that attempts to send SMS messages to a predetermined number.
...

Bloodhound.Exploit.262

- Bloodhound.Exploit.262 at Norton Symantec

Bloodhound.Exploit.262 is a heuristic detection for files attempting to exploit the Microsoft Windows Embedded
OpenType Font Engine Integer Overflow Vulnerability (BID 35187).
...

Bloodhound.Exploit.261

- Bloodhound.Exploit.261 at Norton Symantec

Bloodhound.Exploit.261 is a heuristic detection for files attempting to exploit the Microsoft Windows Embedded
OpenType Font Engine Heap Overflow Vulnerability (BID 35186).
...

W32.SillyFDC.BCO

- W32.SillyFDC.BCO at Norton Symantec

W32.SillyFDC.BCO is a worm that spreads by copying itself to removable drives.
...

Troj/Dloadr-CQI

- Troj/Dloadr-CQI at Sophos

...

Troj/PDFDrop-A

- Troj/PDFDrop-A at Sophos

...

Troj/VBDrop-M

- Troj/VBDrop-M at Sophos

...

Troj/Wintrim-L

- Troj/Wintrim-L at Sophos

...

W32/Sdbot-DOT

- W32/Sdbot-DOT at Sophos

W32/Sdbot-DOT is a worm for the Windows platform. When the application is
installed it creates the file <System>\wauclt.exe. The following registry entry
is created to run wauclt.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ...

Troj/Agent-KPM

- Troj/Agent-KPM at Sophos

...

Troj/Delf-FCX

- Troj/Delf-FCX at Sophos

...

Troj/Delf-FCY

- Troj/Delf-FCY at Sophos

...

Troj/Dloadr-CQG

- Troj/Dloadr-CQG at Sophos

...

Troj/Dloadr-CQH

- Troj/Dloadr-CQH at Sophos

...

SpySniper

- SpySniper at Norton Symantec

SpySniper is a misleading application that may give exaggerated reports of threats on the computer.
...

Mal/EncPk-HW

- Mal/EncPk-HW at Sophos

...

Troj/Agent-KPT

- Troj/Agent-KPT at Sophos

...

Troj/Agent-KPU

- Troj/Agent-KPU at Sophos

Troj/Agent-KPU is a Trojan for the Windows platform. When Troj/Agent-KPU is
installed the following files are created: <System>\UsrClassEx.exe
<System>\kklog <Temp>\Novel H1N1 Flu Situation Update.doc The
file UsrC...

Troj/BHO-NA

- Troj/BHO-NA at Sophos

...

Troj/Dloadr-CQM

- Troj/Dloadr-CQM at Sophos

...

Troj/Drop-DC

- Troj/Drop-DC at Sophos

...

Troj/Dwnldr-HUR

- Troj/Dwnldr-HUR at Sophos

...

Troj/Midgare-B

- Troj/Midgare-B at Sophos

...

Troj/PDFJS-BX

- Troj/PDFJS-BX at Sophos

...

W32/Autorun-AMK

- W32/Autorun-AMK at Sophos

W32/Autorun-AMK is a worm for the Windows platform. When W32/Autorun-AMK is
installed the following file is created: <System>\user.exe
The following registry entry is created to run user.exe on startup:
HKLM\SOFTWARE\Microsof...

[07/21/2009 21:45]



Virus Malware and Threat News for 20090719



Troj/Agent-KMK

- Troj/Agent-KMK at Sophos

...

Troj/Agent-KPG

- Troj/Agent-KPG at Sophos

...

Troj/Agent-KPH

- Troj/Agent-KPH at Sophos

Troj/Agent-KPH is a Trojan for the Windows platform. When Troj/Agent-KPH is
installed it creates the file <User>\user.exe. The following registry entry is
created to run user.exe on startup: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
...

Troj/VB-EFL

- Troj/VB-EFL at Sophos

...

Troj/DocDrop-G

- Troj/DocDrop-G at Sophos

...

Troj/RootKit-GG

- Troj/RootKit-GG at Sophos

...

Troj/VBDown-K

- Troj/VBDown-K at Sophos

...

W32/Stasbot-B

- W32/Stasbot-B at Sophos

...

Troj/Maspeq-A

- Troj/Maspeq-A at Sophos

Troj/Maspeq-A is a Trojan constructor kit designed to generate malicious batch scripts.
...

W32/AutoRun-AMD

- W32/AutoRun-AMD at Sophos

...

Trojan.Matem

- Trojan.Matem at Norton Symantec

Trojan.Matem is a Trojan horse that may download files on to the compromised computer.
...

SymbOS.Exy.D

- SymbOS.Exy.D at Norton Symantec

SymbOS.Exy.D is a Trojan horse that attempts to send SMS messages to a predetermined number.
...

Bloodhound.Exploit.262

- Bloodhound.Exploit.262 at Norton Symantec

Bloodhound.Exploit.262 is a heuristic detection for files attempting to exploit the Microsoft Windows Embedded
OpenType Font Engine Integer Overflow Vulnerability (BID 35187).
...

Bloodhound.Exploit.261

- Bloodhound.Exploit.261 at Norton Symantec

Bloodhound.Exploit.261 is a heuristic detection for files attempting to exploit the Microsoft Windows Embedded
OpenType Font Engine Heap Overflow Vulnerability (BID 35186).
...

W32.SillyFDC.BCO

- W32.SillyFDC.BCO at Norton Symantec

W32.SillyFDC.BCO is a worm that spreads by copying itself to removable drives.
...

Troj/Dloadr-CQI

- Troj/Dloadr-CQI at Sophos

...

Troj/PDFDrop-A

- Troj/PDFDrop-A at Sophos

...

Troj/VBDrop-M

- Troj/VBDrop-M at Sophos

...

Troj/Wintrim-L

- Troj/Wintrim-L at Sophos

...

W32/Sdbot-DOT

- W32/Sdbot-DOT at Sophos

W32/Sdbot-DOT is a worm for the Windows platform. When the application is
installed it creates the file <System>\wauclt.exe. The following registry entry
is created to run wauclt.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ...

Troj/Agent-KPM

- Troj/Agent-KPM at Sophos

...

Troj/Delf-FCX

- Troj/Delf-FCX at Sophos

...

Troj/Delf-FCY

- Troj/Delf-FCY at Sophos

...

Troj/Dloadr-CQG

- Troj/Dloadr-CQG at Sophos

...

Troj/Dloadr-CQH

- Troj/Dloadr-CQH at Sophos

...

0 writebacks [07/20/2009 21:41] [] permanent link



Virus Malware and Threat News for 20090718



VirusBye

- VirusBye at Norton Symantec

VirusBye is a misleading application that may give exaggerated reports of threats on the computer.
...

Troj/Dload-GQ

- Troj/Dload-GQ at Sophos

...

Mal/Delf-AB

- Mal/Delf-AB at Sophos

Mal/Delf-AB is a malicious executable file written in Delphi.
...

Troj/AutoIt-FF

- Troj/AutoIt-FF at Sophos

...

Troj/FakeAle-OQ

- Troj/FakeAle-OQ at Sophos

...

Troj/FakeSp-Gen

- Troj/FakeSp-Gen at Sophos

...

Troj/Zbot-GP

- Troj/Zbot-GP at Sophos

...

Troj/Agent-KPD

- Troj/Agent-KPD at Sophos

...

Troj/Agent-KPE

- Troj/Agent-KPE at Sophos

...

Troj/Dwldr-C

- Troj/Dwldr-C at Sophos

...

Troj/Agent-KMK

- Troj/Agent-KMK at Sophos

...

Troj/Agent-KPG

- Troj/Agent-KPG at Sophos

...

Troj/Agent-KPH

- Troj/Agent-KPH at Sophos

Troj/Agent-KPH is a Trojan for the Windows platform. When Troj/Agent-KPH is
installed it creates the file <User>\user.exe. The following registry entry is
created to run user.exe on startup: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
...

Troj/VB-EFL

- Troj/VB-EFL at Sophos

...

Troj/DocDrop-G

- Troj/DocDrop-G at Sophos

...

Troj/RootKit-GG

- Troj/RootKit-GG at Sophos

...

Troj/VBDown-K

- Troj/VBDown-K at Sophos

...

W32/Stasbot-B

- W32/Stasbot-B at Sophos

...

Troj/Maspeq-A

- Troj/Maspeq-A at Sophos

Troj/Maspeq-A is a Trojan constructor kit designed to generate malicious batch scripts.
...

W32/AutoRun-AMD

- W32/AutoRun-AMD at Sophos

...

0 writebacks [07/19/2009 21:51] [] permanent link



Virus Malware and Threat News for 20090717



Bloodhound.Malautoit.2

- Bloodhound.Malautoit.2 at Norton Symantec

Bloodhound.Malautoit.2 is a heuristic detection for AutoIt compiled scripts that are considered malicious.
...

Mal/Hupig-F

- Mal/Hupig-F at Sophos

...

Troj/Agent-KPC

- Troj/Agent-KPC at Sophos

...

Troj/FakeVir-NW

- Troj/FakeVir-NW at Sophos

...

Troj/Agent-KPA

- Troj/Agent-KPA at Sophos

...

Troj/Agent-KPB

- Troj/Agent-KPB at Sophos

...

Troj/Banker-ETM

- Troj/Banker-ETM at Sophos

...

Troj/Dloadr-CQE

- Troj/Dloadr-CQE at Sophos

...

Troj/Rootkit-GF

- Troj/Rootkit-GF at Sophos

...

Troj/Dloadr-CQD

- Troj/Dloadr-CQD at Sophos

...

VirusBye

- VirusBye at Norton Symantec

VirusBye is a misleading application that may give exaggerated reports of threats on the computer.
...

Troj/Dload-GQ

- Troj/Dload-GQ at Sophos

...

Mal/Delf-AB

- Mal/Delf-AB at Sophos

Mal/Delf-AB is a malicious executable file written in Delphi.
...

Troj/AutoIt-FF

- Troj/AutoIt-FF at Sophos

...

Troj/FakeAle-OQ

- Troj/FakeAle-OQ at Sophos

...

Troj/FakeSp-Gen

- Troj/FakeSp-Gen at Sophos

...

Troj/Zbot-GP

- Troj/Zbot-GP at Sophos

...

Troj/Agent-KPD

- Troj/Agent-KPD at Sophos

...

Troj/Agent-KPE

- Troj/Agent-KPE at Sophos

...

Troj/Dwldr-C

- Troj/Dwldr-C at Sophos

...

0 writebacks [07/18/2009 21:45] [] permanent link



Virus Malware and Threat News for 20090716



Trojan-Downloader:W32/Bakted.A

- Trojan-Downloader:W32/Bakted.A at F-Secure

...

Packed.Generic.240

- Packed.Generic.240 at Norton Symantec

Packed.Generic.240 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

W32.Besverit

- W32.Besverit at Norton Symantec

W32.Besverit is a worm that spreads through removable drives and also infects executable files.
...

W32.Daprosy

- W32.Daprosy at Norton Symantec

W32.Daprosy is a worm that spreads through mapped, fixed, and removable drives. It may also spread through
email....

Mal/Behav-322

- Mal/Behav-322 at Sophos

...

Mal/SpyAgent-D

- Mal/SpyAgent-D at Sophos

...

Troj/Agent-KOX

- Troj/Agent-KOX at Sophos

...

Troj/Agent-KOY

- Troj/Agent-KOY at Sophos

...

Troj/Agent-KOZ

- Troj/Agent-KOZ at Sophos

...

Troj/Dloadr-CQB

- Troj/Dloadr-CQB at Sophos

...

Troj/FakeAV-WB

- Troj/FakeAV-WB at Sophos

...

Troj/FakeAV-WC

- Troj/FakeAV-WC at Sophos

...

Troj/FakeVir-NU

- Troj/FakeVir-NU at Sophos

...

Troj/PDFJs-BU

- Troj/PDFJs-BU at Sophos

Troj/PDFJs-BU is a malicious PDF that contains embedded JavaScript to exploit vulnerabilities to
install more malware.
...

Bloodhound.Malautoit.2

- Bloodhound.Malautoit.2 at Norton Symantec

Bloodhound.Malautoit.2 is a heuristic detection for AutoIt compiled scripts that are considered malicious.
...

Mal/Hupig-F

- Mal/Hupig-F at Sophos

...

Troj/Agent-KPC

- Troj/Agent-KPC at Sophos

...

Troj/FakeVir-NW

- Troj/FakeVir-NW at Sophos

...

Troj/Agent-KPA

- Troj/Agent-KPA at Sophos

...

Troj/Agent-KPB

- Troj/Agent-KPB at Sophos

...

Troj/Banker-ETM

- Troj/Banker-ETM at Sophos

...

Troj/Dloadr-CQE

- Troj/Dloadr-CQE at Sophos

...

Troj/Rootkit-GF

- Troj/Rootkit-GF at Sophos

...

Troj/Dloadr-CQD

- Troj/Dloadr-CQD at Sophos

...

0 writebacks [07/17/2009 21:52] [] permanent link



Virus Malware and Threat News for 20090715



W32.Koobface.C

- W32.Koobface.C at Norton Symantec

W32.Koobface.C is a worm that spreads through Twitter.
...

Bloodhound.Exploit.264

- Bloodhound.Exploit.264 at Norton Symantec

Bloodhound.Exploit.264 is a heuristic detection for files attempting to exploit the Mozilla Firefox 3.5
'Tracemonkey' Component Remote Code Execution Vulnerability (BID 35660).
...

Trojan.Clampi!gen

- Trojan.Clampi!gen at Norton Symantec

Trojan.Clampi!gen is a generic detection for the Trojan.Clampi family.
...

Mal/Renos-J

- Mal/Renos-J at Sophos

...

Troj/AutoIt-FD

- Troj/AutoIt-FD at Sophos

...

Troj/BancDl-B

- Troj/BancDl-B at Sophos

...

Troj/BHO-MX

- Troj/BHO-MX at Sophos

...

Troj/Dloadr-CQA

- Troj/Dloadr-CQA at Sophos

...

Troj/Rootkit-GD

- Troj/Rootkit-GD at Sophos

...

W32/Autorun-ALV

- W32/Autorun-ALV at Sophos

...

Troj/Agent-KOS

- Troj/Agent-KOS at Sophos

...

Troj/Bckdr-QWT

- Troj/Bckdr-QWT at Sophos

...

Troj/Oficla-Gen

- Troj/Oficla-Gen at Sophos

...

Trojan-Downloader:W32/Bakted.A

- Trojan-Downloader:W32/Bakted.A at F-Secure

...

Packed.Generic.240

- Packed.Generic.240 at Norton Symantec

Packed.Generic.240 is a heuristic detection for files that may have been obfuscated or encrypted in order to
conceal them from antivirus software.
...

W32.Besverit

- W32.Besverit at Norton Symantec

W32.Besverit is a worm that spreads through removable drives and also infects executable files.
...

W32.Daprosy

- W32.Daprosy at Norton Symantec

W32.Daprosy is a worm that spreads through mapped, fixed, and removable drives. It may also spread through
email....

Mal/Behav-322

- Mal/Behav-322 at Sophos

...

Mal/SpyAgent-D

- Mal/SpyAgent-D at Sophos

...

Troj/Agent-KOX

- Troj/Agent-KOX at Sophos

...

Troj/Agent-KOY

- Troj/Agent-KOY at Sophos

...

Troj/Agent-KOZ

- Troj/Agent-KOZ at Sophos

...

Troj/Dloadr-CQB

- Troj/Dloadr-CQB at Sophos

...

Troj/FakeAV-WB

- Troj/FakeAV-WB at Sophos

...

Troj/FakeAV-WC

- Troj/FakeAV-WC at Sophos

...

Troj/FakeVir-NU

- Troj/FakeVir-NU at Sophos

...

Troj/PDFJs-BU

- Troj/PDFJs-BU at Sophos

Troj/PDFJs-BU is a malicious PDF that contains embedded JavaScript to exploit vulnerabilities to
install more malware.
...

0 writebacks [07/16/2009 21:45] [] permanent link



Virus Malware and Threat News for 20090714



W32.SillyFDC.BCM

- W32.SillyFDC.BCM at Norton Symantec

W32.SillyFDC.BCM is a worm that spreads by copying itself to removable drives.
...

Bloodhound.Exploit.260

- Bloodhound.Exploit.260 at Norton Symantec

Bloodhound.Exploit.260 is a heuristic detection for files attempting to exploit the Microsoft Publisher Object
Handler Data Pointer Dereference Remote Code Execution Vulnerability (BID 35599).
...

Bloodhound.Exploit.259

- Bloodhound.Exploit.259 at Norton Symantec

Bloodhound.Exploit.259 is a heuristic detection for files attempting to exploit the Microsoft Windows
'MPEG2TuneRequest' ActiveX Control Remote Code Execution Vulnerability (BID 35558).
...

Bloodhound.Exploit.258

- Bloodhound.Exploit.258 at Norton Symantec

Bloodhound.Exploit.258 is a heuristic detection for files attempting to exploit the Microsoft DirectX
DirectShow QuickTime Video Remote Code Execution Vulnerability (BID 35600).
...

Bloodhound.Exploit.263

- Bloodhound.Exploit.263 at Norton Symantec

Bloodhound.Exploit.263 is a heuristic detection for files that exploit the Microsoft Office Web Components
ActiveX Control 'Evaluate()' Insecure Method Vulnerability (BID 35642).
...

Trojan.Kryski

- Trojan.Kryski at Norton Symantec

Trojan.Kryski is a Trojan horse that downloads and executes files from remote Web sites.
...

SYMBOS_YXES.B

- SYMBOS_YXES.B at Trend Micro

Trend Micro has flagged SYMBOS_YXES.B as noteworthy due to the increased potential for damage, propagation, or
both, that it possesses. It has received attention from independent media sources and/or other security firms.
This Symbian malware may be downloaded unknowingly by a user when visiting malicious Web sites. It is a Symbian
Inf...

JS_SHELLCODE.BH

- JS_SHELLCODE.BH at Trend Micro

This JavaScript may be downloaded unknowingly by a user when visiting malicious Web sites. It may be hosted on
a Web site and run when a user accesses the said Web site. It exploits the zero-day vulnerability in Microsoft
Office Web Components. More information can be found here:
http://www.microsoft.com/technet/security/advisory/9734...

WORM_MYDOOM.EB

- WORM_MYDOOM.EB at Trend Micro

Trend Micro has flagged this worm as noteworthy due to the increased potential for damage, propagation, or
both, that it possesses. This worm may be dropped by other malware. Upon execution, it first checks if it is in
a specific folder. If not, it creates a copy of itself and deletes itself from its current directory. It
enumerates dr...

Troj/Agent-KOH

- Troj/Agent-KOH at Sophos

...

Troj/Agent-KOI

- Troj/Agent-KOI at Sophos

...

Troj/Agent-KOJ

- Troj/Agent-KOJ at Sophos

...

Troj/Banspy-M

- Troj/Banspy-M at Sophos

...

Troj/Mdrop-CDX

- Troj/Mdrop-CDX at Sophos

...

W32/Agent-KOE

- W32/Agent-KOE at Sophos

...

W32/Agent-KOG

- W32/Agent-KOG at Sophos

...

Mal/Behav-314

- Mal/Behav-314 at Sophos

...

Mal/Generic-E

- Mal/Generic-E at Sophos

...

W32.Koobface.C

- W32.Koobface.C at Norton Symantec

W32.Koobface.C is a worm that spreads through Twitter.
...

Bloodhound.Exploit.264

- Bloodhound.Exploit.264 at Norton Symantec

Bloodhound.Exploit.264 is a heuristic detection for files attempting to exploit the Mozilla Firefox 3.5
'Tracemonkey' Component Remote Code Execution Vulnerability (BID 35660).
...

Trojan.Clampi!gen

- Trojan.Clampi!gen at Norton Symantec

Trojan.Clampi!gen is a generic detection for the Trojan.Clampi family.
...

Mal/Renos-J

- Mal/Renos-J at Sophos

...

Troj/AutoIt-FD

- Troj/AutoIt-FD at Sophos

...

Troj/BancDl-B

- Troj/BancDl-B at Sophos

...

Troj/BHO-MX

- Troj/BHO-MX at Sophos

...

Troj/Dloadr-CQA

- Troj/Dloadr-CQA at Sophos

...

Troj/Rootkit-GD

- Troj/Rootkit-GD at Sophos

...

W32/Autorun-ALV

- W32/Autorun-ALV at Sophos

...

Troj/Agent-KOS

- Troj/Agent-KOS at Sophos

...

Troj/Bckdr-QWT

- Troj/Bckdr-QWT at Sophos

...

Troj/Oficla-Gen

- Troj/Oficla-Gen at Sophos

...

0 writebacks [07/15/2009 21:45] [] permanent link



Virus Malware and Threat News for 20090713



W32.SillyFDC.BCL

- W32.SillyFDC.BCL at Norton Symantec

W32.SillyFDC.BCL is a worm that spreads by copying itself to removable drives.
...

SymbOS.Exy.C

- SymbOS.Exy.C at Norton Symantec

SymbOS.Exy.C is a Trojan horse that attempts to send SMS messages to a predetermined number.
...

TROJ_JPEGDRPR.B

- TROJ_JPEGDRPR.B at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded
unknowingly by a user when visiting malicious Web sites. This is the Trend Micro detection for a .JPG file with
an embedded .EXE file. However, this Trojan is only a component file that does not have the capability to drop
the said emb...

Exp/OWCRef-A

- Exp/OWCRef-A at Sophos

Exp/OWCRef-A is an exploit written in JavaScript that attempts to trigger a remote code execution
vulnerability in the Office Web Component ActiveX component to download and run a malicious executable file.
...

Mal/DelpDldr-L

- Mal/DelpDldr-L at Sophos

...

Troj/Agent-KNG

- Troj/Agent-KNG at Sophos

...

Troj/Banspy-L

- Troj/Banspy-L at Sophos

...

Troj/BHO-MW

- Troj/BHO-MW at Sophos

...

Troj/Dloadr-CPV

- Troj/Dloadr-CPV at Sophos

...

Troj/FakeAle-OM

- Troj/FakeAle-OM at Sophos

...

Troj/Agent-KNF

- Troj/Agent-KNF at Sophos

...

Troj/Dloadr-CPU

- Troj/Dloadr-CPU at Sophos

...

Troj/FakeAV-VX

- Troj/FakeAV-VX at Sophos

...

W32.SillyFDC.BCM

- W32.SillyFDC.BCM at Norton Symantec

W32.SillyFDC.BCM is a worm that spreads by copying itself to removable drives.
...

Bloodhound.Exploit.260

- Bloodhound.Exploit.260 at Norton Symantec

Bloodhound.Exploit.260 is a heuristic detection for files attempting to exploit the Microsoft Publisher Object
Handler Data Pointer Dereference Remote Code Execution Vulnerability (BID 35599).
...

Bloodhound.Exploit.259

- Bloodhound.Exploit.259 at Norton Symantec

Bloodhound.Exploit.259 is a heuristic detection for files attempting to exploit the Microsoft Windows
'MPEG2TuneRequest' ActiveX Control Remote Code Execution Vulnerability (BID 35558).
...

Bloodhound.Exploit.258

- Bloodhound.Exploit.258 at Norton Symantec

Bloodhound.Exploit.258 is a heuristic detection for files attempting to exploit the Microsoft DirectX
DirectShow QuickTime Video Remote Code Execution Vulnerability (BID 35600).
...

Bloodhound.Exploit.263

- Bloodhound.Exploit.263 at Norton Symantec

Bloodhound.Exploit.263 is a heuristic detection for files that exploit the Microsoft Office Web Components
ActiveX Control 'Evaluate()' Insecure Method Vulnerability (BID 35642).
...

Trojan.Kryski

- Trojan.Kryski at Norton Symantec

Trojan.Kryski is a Trojan horse that downloads and executes files from remote Web sites.
...

SYMBOS_YXES.B

- SYMBOS_YXES.B at Trend Micro

Trend Micro has flagged SYMBOS_YXES.B as noteworthy due to the increased potential for damage, propagation, or
both, that it possesses. It has received attention from independent media sources and/or other security firms.
This Symbian malware may be downloaded unknowingly by a user when visiting malicious Web sites. It is a Symbian
Inf...

JS_SHELLCODE.BH

- JS_SHELLCODE.BH at Trend Micro

This JavaScript may be downloaded unknowingly by a user when visiting malicious Web sites. It may be hosted on
a Web site and run when a user accesses the said Web site. It exploits the zero-day vulnerability in Microsoft
Office Web Components. More information can be found here:
http://www.microsoft.com/technet/security/advisory/9734...

WORM_MYDOOM.EB

- WORM_MYDOOM.EB at Trend Micro

Trend Micro has flagged this worm as noteworthy due to the increased potential for damage, propagation, or
both, that it possesses. This worm may be dropped by other malware. Upon execution, it first checks if it is in
a specific folder. If not, it creates a copy of itself and deletes itself from its current directory. It
enumerates dr...

Troj/Agent-KOH

- Troj/Agent-KOH at Sophos

...

Troj/Agent-KOI

- Troj/Agent-KOI at Sophos

...

Troj/Agent-KOJ

- Troj/Agent-KOJ at Sophos

...

Troj/Banspy-M

- Troj/Banspy-M at Sophos

...

Troj/Mdrop-CDX

- Troj/Mdrop-CDX at Sophos

...

W32/Agent-KOE

- W32/Agent-KOE at Sophos

...

W32/Agent-KOG

- W32/Agent-KOG at Sophos

...

Mal/Behav-314

- Mal/Behav-314 at Sophos

...

Mal/Generic-E

- Mal/Generic-E at Sophos

...

0 writebacks [07/14/2009 21:47] [] permanent link



Virus Malware and Threat News for 20090712



Troj/Agent-KMY

- Troj/Agent-KMY at Sophos

...

Troj/Agent-KMZ

- Troj/Agent-KMZ at Sophos

...

Troj/Banker-ETK

- Troj/Banker-ETK at Sophos

...

Troj/Inject-IG

- Troj/Inject-IG at Sophos

Troj/Inject-IG is a Trojan for the Windows platform. When run,
Troj/Inject-IG injects malicious code into other running processes.
...

W32/Autoit-FB

- W32/Autoit-FB at Sophos

...

Troj/Dloadr-CPO

- Troj/Dloadr-CPO at Sophos

...

Troj/Mdrop-CDU

- Troj/Mdrop-CDU at Sophos

...

W32.SillyFDC.BCL

- W32.SillyFDC.BCL at Norton Symantec

W32.SillyFDC.BCL is a worm that spreads by copying itself to removable drives.
...

SymbOS.Exy.C

- SymbOS.Exy.C at Norton Symantec

SymbOS.Exy.C is a Trojan horse that attempts to send SMS messages to a predetermined number.
...

TROJ_JPEGDRPR.B

- TROJ_JPEGDRPR.B at Trend Micro

This Trojan may be dropped by other malware. It may be downloaded
unknowingly by a user when visiting malicious Web sites. This is the Trend Micro detection for a .JPG file with
an embedded .EXE file. However, this Trojan is only a component file that does not have the capability to drop
the said emb...

Exp/OWCRef-A

- Exp/OWCRef-A at Sophos

Exp/OWCRef-A is an exploit written in JavaScript that attempts to trigger a remote code execution
vulnerability in the Office Web Component ActiveX component to download and run a malicious executable file.
...

Mal/DelpDldr-L

- Mal/DelpDldr-L at Sophos

...

Troj/Agent-KNG

- Troj/Agent-KNG at Sophos

...

Troj/Banspy-L

- Troj/Banspy-L at Sophos

...

Troj/BHO-MW

- Troj/BHO-MW at Sophos

...

Troj/Dloadr-CPV

- Troj/Dloadr-CPV at Sophos

...

Troj/FakeAle-OM

- Troj/FakeAle-OM at Sophos

...

Troj/Agent-KNF

- Troj/Agent-KNF at Sophos

...

Troj/Dloadr-CPU

- Troj/Dloadr-CPU at Sophos

...

Troj/FakeAV-VX

- Troj/FakeAV-VX at Sophos

...

0 writebacks [07/13/2009 21:51] [] permanent link



Virus Malware and Threat News for 20090711



W32.Topion.B

- W32.Topion.B at Norton Symantec

W32.Topion.B is a worm that copies itself to removable drives and sends IM messages in Chinese.
...

Troj/Agent-KMX

- Troj/Agent-KMX at Sophos

...

Troj/Dldr-AZ

- Troj/Dldr-AZ at Sophos

...

Troj/IRCBot-AEV

- Troj/IRCBot-AEV at Sophos

...

Troj/Proxy-JJ

- Troj/Proxy-JJ at Sophos

...

Troj/Agent-KMU

- Troj/Agent-KMU at Sophos

...

Troj/DwnLdr-HUI

- Troj/DwnLdr-HUI at Sophos

Troj/DwnLdr-HUI is a downloader Trojan for the Windows platform. When run,
Troj/DwnLdr-HUI copies itself to <Documents and Settings>\<User>\Application Data\wks.exe and sets
the following registry entries: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
...

Troj/Agent-KMV

- Troj/Agent-KMV at Sophos

...

Troj/Agent-KMW

- Troj/Agent-KMW at Sophos

Troj/Agent-KMW is a Trojan for the Windows platform. When run,
Troj/Agent-KMW sets the following registry entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run Cognac <path to Trojan
executable>...

Troj/JSDownL-R

- Troj/JSDownL-R at Sophos

...

Mal/DelpBanc-A

- Mal/DelpBanc-A at Sophos

Mal/DelpBanc-A is a banking Trojan. Mal/DelpBanc-A Trojans typically attempt to steal confidential user
information from banking websites.
...

Troj/Agent-KMY

- Troj/Agent-KMY at Sophos

...

Troj/Agent-KMZ

- Troj/Agent-KMZ at Sophos

...

Troj/Banker-ETK

- Troj/Banker-ETK at Sophos

...

Troj/Inject-IG

- Troj/Inject-IG at Sophos

Troj/Inject-IG is a Trojan for the Windows platform. When run,
Troj/Inject-IG injects malicious code into other running processes.
...

W32/Autoit-FB

- W32/Autoit-FB at Sophos

...

Troj/Dloadr-CPO

- Troj/Dloadr-CPO at Sophos

...

Troj/Mdrop-CDU

- Troj/Mdrop-CDU at Sophos

...

0 writebacks [07/12/2009 21:44] [] permanent link



Virus Malware and Threat News for 20090710



W32.Ackantta.G@mm

- W32.Ackantta.G@mm at Norton Symantec

W32.Ackantta.G@mm is a mass-mailing worm.
...

PUA.MalwareBot

- PUA.MalwareBot at Norton Symantec

PUA.MalwareBot is a potentially unwanted application that falsely identifies legitimate network
applications as threats on the computer.
...

Mal/Behav-280

- Mal/Behav-280 at Sophos

...

Mal/EncPk-JA

- Mal/EncPk-JA at Sophos

Mal/EncPk-JA is a program that has been packed with a protection system typically used by malware
authors. ...

Mal/Xpaj-A

- Mal/Xpaj-A at Sophos

Mal/Xpaj-A is a file-infecting virus for the Windows platform. Mal/Xpaj-A
spreads to removable drives and network shares and infects ".exe", ".dll", ".sys" and ".scr" files.
Mal/Xpaj-A is known to corrupt some files, leaving them in an unrecoverable state such that they need to be
rest...

Troj/Agent-KMO

- Troj/Agent-KMO at Sophos

...

Troj/Agent-KMP

- Troj/Agent-KMP at Sophos

...

Troj/Agent-KMQ

- Troj/Agent-KMQ at Sophos

...

Troj/Agent-KMR

- Troj/Agent-KMR at Sophos

...

Troj/FakeAV-VT

- Troj/FakeAV-VT at Sophos

...

Troj/Iframe-CI

- Troj/Iframe-CI at Sophos

Troj/Iframe-CI is an IFRAME which links to a malicious domain.
...

Troj/Inject-IE

- Troj/Inject-IE at Sophos

...

W32.Topion.B

- W32.Topion.B at Norton Symantec

W32.Topion.B is a worm that copies itself to removable drives and sends IM messages in Chinese.
...

Troj/Agent-KMX

- Troj/Agent-KMX at Sophos

...

Troj/Dldr-AZ

- Troj/Dldr-AZ at Sophos

...

Troj/IRCBot-AEV

- Troj/IRCBot-AEV at Sophos

...

Troj/Proxy-JJ

- Troj/Proxy-JJ at Sophos

...

Troj/Agent-KMU

- Troj/Agent-KMU at Sophos

...

Troj/DwnLdr-HUI

- Troj/DwnLdr-HUI at Sophos

Troj/DwnLdr-HUI is a downloader Trojan for the Windows platform. When run,
Troj/DwnLdr-HUI copies itself to <Documents and Settings>\<User>\Application Data\wks.exe and sets
the following registry entries: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
...

Troj/Agent-KMV

- Troj/Agent-KMV at Sophos

...

Troj/Agent-KMW

- Troj/Agent-KMW at Sophos

Troj/Agent-KMW is a Trojan for the Windows platform. When run,
Troj/Agent-KMW sets the following registry entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run Cognac <path to Trojan
executable>...

Troj/JSDownL-R

- Troj/JSDownL-R at Sophos

...

Mal/DelpBanc-A

- Mal/DelpBanc-A at Sophos

Mal/DelpBanc-A is a banking Trojan. Mal/DelpBanc-A Trojans typically attempt to steal confidential user
information from banking websites.
...

0 writebacks [07/11/2009 21:41] [] permanent link



Virus Malware and Threat News for 20090709



Other:W32/False Positive

- Other:W32/False Positive at F-Secure

...

W32.SillyFDC.BCK

- W32.SillyFDC.BCK at Norton Symantec

W32.SillyFDC.BCK is a worm that spreads by copying itself to removable drives.
...

W32.SillyFDC.BCJ

- W32.SillyFDC.BCJ at Norton Symantec

W32.SillyFDC.BCJ is a worm that spreads by copying itself to removable drives.
...

W32.SillyFDC.BCI

- W32.SillyFDC.BCI at Norton Symantec

W32.SillyFDC.BCI is a worm that spreads by copying itself to removable drives.
...

Mal/Agent-P

- Mal/Agent-P at Sophos

...

Mal/BHO-T

- Mal/BHO-T at Sophos

...

Mal/Zlob-V

- Mal/Zlob-V at Sophos

Mal/Zlob-V is a malicious program which attempts to download malware.
...

Troj/Agent-KMA

- Troj/Agent-KMA at Sophos

...

Troj/Agent-KMB

- Troj/Agent-KMB at Sophos

Troj/Agent-KMB is a Trojan for the Windows platform. Troj/Agent-KMB
includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/Agent-KMB is installed it creates the file <User>\Application Data\taskmon.exe.
...

Troj/Agent-KMC

- Troj/Agent-KMC at Sophos

...

Troj/FakeAV-VN

- Troj/FakeAV-VN at Sophos

...

Troj/FakeAV-VO

- Troj/FakeAV-VO at Sophos

...

Troj/FakeAV-VP

- Troj/FakeAV-VP at Sophos

...

W32.Ackantta.G@mm

- W32.Ackantta.G@mm at Norton Symantec

W32.Ackantta.G@mm is a mass-mailing worm.
...

PUA.MalwareBot

- PUA.MalwareBot at Norton Symantec

PUA.MalwareBot is a potentially unwanted application that falsely identifies legitimate network
applications as threats on the computer.
...

Mal/Behav-280

- Mal/Behav-280 at Sophos

...

Mal/EncPk-JA

- Mal/EncPk-JA at Sophos

Mal/EncPk-JA is a program that has been packed with a protection system typically used by malware
authors. ...

Mal/Xpaj-A

- Mal/Xpaj-A at Sophos

Mal/Xpaj-A is a file-infecting virus for the Windows platform. Mal/Xpaj-A
spreads to removable drives and network shares and infects ".exe", ".dll", ".sys" and ".scr" files.
Mal/Xpaj-A is known to corrupt some files, leaving them in an unrecoverable state such that they need to be
rest...

Troj/Agent-KMO

- Troj/Agent-KMO at Sophos

...

Troj/Agent-KMP

- Troj/Agent-KMP at Sophos

...

Troj/Agent-KMQ

- Troj/Agent-KMQ at Sophos

...

Troj/Agent-KMR

- Troj/Agent-KMR at Sophos

...

Troj/FakeAV-VT

- Troj/FakeAV-VT at Sophos

...

Troj/Iframe-CI

- Troj/Iframe-CI at Sophos

Troj/Iframe-CI is an IFRAME which links to a malicious domain.
...

Troj/Inject-IE

- Troj/Inject-IE at Sophos

...

0 writebacks [07/10/2009 21:46] [] permanent link



Virus Malware and Threat News for 20090708



Trojan-Downloader:W32/Mebroot.gen!B

- Trojan-Downloader:W32/Mebroot.gen!B at F-Secure

...

W32.Dozer

- W32.Dozer at Norton Symantec

W32.Dozer is a Trojan horse that drops other risks onto the compromised computer.
...

Trojan.Dozer

- Trojan.Dozer at Norton Symantec

Trojan.Dozer is a Trojan horse that performs distributed denial of service (DDoS) attacks.
...

WORM_MYDOOM.EA

- WORM_MYDOOM.EA at Trend Micro

This worm arrives as an attachment to mass-mailed email messages. It may also be dropped by other malware or
downloaded unknowingly by a user when visiting malicious Web sites. When executed, it starts certain services
on the affected system. It also checks and deletes files related to network analysis tools/software, rendering
these u...

Mal/EncPk-JD

- Mal/EncPk-JD at Sophos

...

Mal/EncPk-JH

- Mal/EncPk-JH at Sophos

...

Mal/SysSpy-A

- Mal/SysSpy-A at Sophos

...

Troj/AdSub-A

- Troj/AdSub-A at Sophos

...

Troj/Agent-KLL

- Troj/Agent-KLL at Sophos

...

Troj/Agent-KLM

- Troj/Agent-KLM at Sophos

...

Troj/Agent-KLN

- Troj/Agent-KLN at Sophos

...

Troj/Agent-KLP

- Troj/Agent-KLP at Sophos

...

Troj/Agent-KLQ

- Troj/Agent-KLQ at Sophos

...

Other:W32/False Positive

- Other:W32/False Positive at F-Secure

...

W32.SillyFDC.BCK

- W32.SillyFDC.BCK at Norton Symantec

W32.SillyFDC.BCK is a worm that spreads by copying itself to removable drives.
...

W32.SillyFDC.BCJ

- W32.SillyFDC.BCJ at Norton Symantec

W32.SillyFDC.BCJ is a worm that spreads by copying itself to removable drives.
...

W32.SillyFDC.BCI

- W32.SillyFDC.BCI at Norton Symantec

W32.SillyFDC.BCI is a worm that spreads by copying itself to removable drives.
...

Mal/Agent-P

- Mal/Agent-P at Sophos

...

Mal/BHO-T

- Mal/BHO-T at Sophos

...

Mal/Zlob-V

- Mal/Zlob-V at Sophos

Mal/Zlob-V is a malicious program which attempts to download malware.
...

Troj/Agent-KMA

- Troj/Agent-KMA at Sophos

...

Troj/Agent-KMB

- Troj/Agent-KMB at Sophos

Troj/Agent-KMB is a Trojan for the Windows platform. Troj/Agent-KMB
includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/Agent-KMB is installed it creates the file <User>\Application Data\taskmon.exe.
...

Troj/Agent-KMC

- Troj/Agent-KMC at Sophos

...

Troj/FakeAV-VN

- Troj/FakeAV-VN at Sophos

...

Troj/FakeAV-VO

- Troj/FakeAV-VO at Sophos

...

Troj/FakeAV-VP

- Troj/FakeAV-VP at Sophos

...

0 writebacks [07/09/2009 21:52] [] permanent link



Virus Malware and Threat News for 20090707



TROJ_FFSEARCH.A

- TROJ_FFSEARCH.A at Trend Micro

This Trojan has received attention from independent media sources and/or other security firms. It may be
downloaded from remote sites by other malware. It may be dropped by other malware. It may be downloaded
unknowingly by a user when visiting malicious Web sites. It connects to a URL to download its configuration
file. It monitors th...

JS_DLOADER.BD

- JS_DLOADER.BD at Trend Micro

Trend Micro has flagged this JavaScript as noteworthy due to the increased potential for damage, propagation,
or both, that it possesses. It may be downloaded from certain remote sites. It may be downloaded unknowingly by
a user when visiting malicious Web sites. It exploits a zero-day vulnerability in the Microsoft Video streaming
Act...

TROJ_WIMPIXO.BG

- TROJ_WIMPIXO.BG at Trend Micro

This Trojan has received attention from independent media sources and/or other security firms. It may be
downloaded from remote sites by the following malware: TROJ_DLOADR.XNI. This Trojan drops component files
detected as the following: TROJ_WIMPIXO.BG, RTKT_AGENTT.EE. It registers itself and its dropped file as a system
service to ensure ...

WORM_KILLAV.AI

- WORM_KILLAV.AI at Trend Micro

This worm arrives in an affected system as a downloaded file from remote sites by JS_DLOADER.BD. It may be
dropped by other malware, or downloaded unknowingly by a user when visiting malicious Web sites. It propagates
by dropping copies of itself into all physical and removable drives. It also drops an AUTORUN.INF file that
automatica...

Mal/EncPk-JF

- Mal/EncPk-JF at Sophos

...

Mal/Rootkit-K

- Mal/Rootkit-K at Sophos

Mal/Rootkit-K is a malicious program which has characteristics similar to rootkits.
...

Troj/Agent-KKY

- Troj/Agent-KKY at Sophos

...

Troj/Agent-KKZ

- Troj/Agent-KKZ at Sophos

...

Troj/Agent-KLA

- Troj/Agent-KLA at Sophos

...

Troj/BHO-MR

- Troj/BHO-MR at Sophos

...

Troj/Bifrose-XN

- Troj/Bifrose-XN at Sophos

...

Troj/Dloadr-CPQ

- Troj/Dloadr-CPQ at Sophos

Troj/Dloadr-CPQ is a Trojan for the Windows platform. Troj/Dloadr-CPQ
downloads malware detected as Troj/FakeAv-VJ.
...

Troj/FakeAV-VH

- Troj/FakeAV-VH at Sophos

...

Troj/FakeAV-VI

- Troj/FakeAV-VI at Sophos

...

Trojan-Downloader:W32/Mebroot.gen!B

- Trojan-Downloader:W32/Mebroot.gen!B at F-Secure

...

W32.Dozer

- W32.Dozer at Norton Symantec

W32.Dozer is a Trojan horse that drops other risks onto the compromised computer.
...

Trojan.Dozer

- Trojan.Dozer at Norton Symantec

Trojan.Dozer is a Trojan horse that performs distributed denial of service (DDoS) attacks.
...

WORM_MYDOOM.EA

- WORM_MYDOOM.EA at Trend Micro

This worm arrives as an attachment to mass-mailed email messages. It may also be dropped by other malware or
downloaded unknowingly by a user when visiting malicious Web sites. When executed, it starts certain services
on the affected system. It also checks and deletes files related to network analysis tools/software, rendering
these u...

Mal/EncPk-JD

- Mal/EncPk-JD at Sophos

...

Mal/EncPk-JH

- Mal/EncPk-JH at Sophos

...

Mal/SysSpy-A

- Mal/SysSpy-A at Sophos

...

Troj/AdSub-A

- Troj/AdSub-A at Sophos

...

Troj/Agent-KLL

- Troj/Agent-KLL at Sophos

...

Troj/Agent-KLM

- Troj/Agent-KLM at Sophos

...

Troj/Agent-KLN

- Troj/Agent-KLN at Sophos

...

Troj/Agent-KLP

- Troj/Agent-KLP at Sophos

...

Troj/Agent-KLQ

- Troj/Agent-KLQ at Sophos

...

0 writebacks [07/08/2009 21:54] [] permanent link



Virus Malware and Threat News for 20090706



Downloader.Fostrem

- Downloader.Fostrem at Norton Symantec

Downloader.Fostrem is a Trojan horse that exploits the Microsoft Windows 'MPEG2TuneRequest' Object Remote Code
Execution Vulnerability in order to download more malware on to the compromised computer.
...

Java.Boxer

- Java.Boxer at Norton Symantec

Java.Boxer is a Trojan horse that sends SMS messages.
...

WORM_WALEDAC.DU

- WORM_WALEDAC.DU at Trend Micro

...

Mal/Behav-321

- Mal/Behav-321 at Sophos

...

Mal/EncPk-IZ

- Mal/EncPk-IZ at Sophos

Mal/EncPk-IZ is a program that has been packed with a protection system typically used by malware
authors. ...

Mal/EncPk-JC

- Mal/EncPk-JC at Sophos

Mal/EncPk-JC is a program that has been packed with a protection system typically used by malware
authors. ...

Troj/Bdoor-AVZ

- Troj/Bdoor-AVZ at Sophos

...

Troj/FakeAV-VG

- Troj/FakeAV-VG at Sophos

...

W32/Autorun-ALA

- W32/Autorun-ALA at Sophos

...

Exp/VidCtl-A

- Exp/VidCtl-A at Sophos

Exp/VidCtl-A is a malicious JavaScript embedded in a web page that attempts to exploit a client
vulnerability in order to install further malware.
...

Joke/HauntPC-A

- Joke/HauntPC-A at Sophos

Joke/HauntPC-A claims that the computer is haunted.
...

Troj/Agent-KJW

- Troj/Agent-KJW at Sophos

...

Troj/Dloadr-CPN

- Troj/Dloadr-CPN at Sophos

...

TROJ_FFSEARCH.A

- TROJ_FFSEARCH.A at Trend Micro

This Trojan has received attention from independent media sources and/or other security firms. It may be
downloaded from remote sites by other malware. It may be dropped by other malware. It may be downloaded
unknowingly by a user when visiting malicious Web sites. It connects to a URL to download its configuration
file. It monitors th...

JS_DLOADER.BD

- JS_DLOADER.BD at Trend Micro

Trend Micro has flagged this JavaScript as noteworthy due to the increased potential for damage, propagation,
or both, that it possesses. It may be downloaded from certain remote sites. It may be downloaded unknowingly by
a user when visiting malicious Web sites. It exploits a zero-day vulnerability in the Microsoft Video streaming
Act...

TROJ_WIMPIXO.BG

- TROJ_WIMPIXO.BG at Trend Micro

This Trojan has received attention from independent media sources and/or other security firms. It may be
downloaded from remote sites by the following malware: TROJ_DLOADR.XNI. This Trojan drops component files
detected as the following: TROJ_WIMPIXO.BG, RTKT_AGENTT.EE. It registers itself and its dropped file as a system
service to ensure ...

WORM_KILLAV.AI

- WORM_KILLAV.AI at Trend Micro

This worm arrives in an affected system as a downloaded file from remote sites by JS_DLOADER.BD. It may be
dropped by other malware, or downloaded unknowingly by a user when visiting malicious Web sites. It propagates
by dropping copies of itself into all physical and removable drives. It also drops an AUTORUN.INF file that
automatica...

Mal/EncPk-JF

- Mal/EncPk-JF at Sophos

...

Mal/Rootkit-K

- Mal/Rootkit-K at Sophos

Mal/Rootkit-K is a malicious program which has characteristics similar to rootkits.
...

Troj/Agent-KKY

- Troj/Agent-KKY at Sophos

...

Troj/Agent-KKZ

- Troj/Agent-KKZ at Sophos

...

Troj/Agent-KLA

- Troj/Agent-KLA at Sophos

...

Troj/BHO-MR

- Troj/BHO-MR at Sophos

...

Troj/Bifrose-XN

- Troj/Bifrose-XN at Sophos

...

Troj/Dloadr-CPQ

- Troj/Dloadr-CPQ at Sophos

Troj/Dloadr-CPQ is a Trojan for the Windows platform. Troj/Dloadr-CPQ
downloads malware detected as Troj/FakeAv-VJ.
...

Troj/FakeAV-VH

- Troj/FakeAV-VH at Sophos

...

Troj/FakeAV-VI

- Troj/FakeAV-VI at Sophos

...

0 writebacks [07/07/2009 21:42] [] permanent link



Virus Malware and Threat News for 20090705



Downloader.Fostrem

- Downloader.Fostrem at Norton Symantec

Downloader.Fostrem is a Trojan horse that exploits the Microsoft Windows 'MPEG2TuneRequest' Object Remote Code
Execution Vulnerability in order to download more malware on to the compromised computer.
...

Java.Boxer

- Java.Boxer at Norton Symantec

Java.Boxer is a Trojan horse that sends SMS messages.
...

WORM_WALEDAC.DU

- WORM_WALEDAC.DU at Trend Micro

...

Mal/Behav-321

- Mal/Behav-321 at Sophos

...

Mal/EncPk-IZ

- Mal/EncPk-IZ at Sophos

Mal/EncPk-IZ is a program that has been packed with a protection system typically used by malware
authors. ...

Mal/EncPk-JC

- Mal/EncPk-JC at Sophos

Mal/EncPk-JC is a program that has been packed with a protection system typically used by malware
authors. ...

Troj/Bdoor-AVZ

- Troj/Bdoor-AVZ at Sophos

...

Troj/FakeAV-VG

- Troj/FakeAV-VG at Sophos

...

W32/Autorun-ALA

- W32/Autorun-ALA at Sophos

...

Exp/VidCtl-A

- Exp/VidCtl-A at Sophos

Exp/VidCtl-A is a malicious JavaScript embedded in a web page that attempts to exploit a client
vulnerability in order to install further malware.
...

Joke/HauntPC-A

- Joke/HauntPC-A at Sophos

Joke/HauntPC-A claims that the computer is haunted.
...

Troj/Agent-KJW

- Troj/Agent-KJW at Sophos

...

Troj/Dloadr-CPN

- Troj/Dloadr-CPN at Sophos

...

0 writebacks [07/06/2009 21:42] [] permanent link



Virus Malware and Threat News for 20090704



0 writebacks [07/05/2009 21:44] [] permanent link



Virus Malware and Threat News for 20090703



0 writebacks [07/04/2009 21:44] [] permanent link



Virus Malware and Threat News for 20090702



W32.SillyFDC.BCH

- W32.SillyFDC.BCH at Norton Symantec

W32.SillyFDC.BCH is a worm that spreads by copying itself to removable drives.
...

DSME

- DSME at Sophos

A polymorphic toolkit from Taiwan.
...

Mal/VBHmDrop-A

- Mal/VBHmDrop-A at Sophos

...

Troj/Dloadr-CPL

- Troj/Dloadr-CPL at Sophos

...

Troj/FakeAV-VA

- Troj/FakeAV-VA at Sophos

...

Mal/Sinowa-A

- Mal/Sinowa-A at Sophos

Mal/Sinowa-A is a malicious program.
...

Troj/Graybir-Q

- Troj/Graybir-Q at Sophos

...

Troj/Lineag-GL

- Troj/Lineag-GL at Sophos

...

Troj/Agent-KHE

- Troj/Agent-KHE at Sophos

...

Troj/Agent-KJX

- Troj/Agent-KJX at Sophos

...

0 writebacks [07/03/2009 21:44] [] permanent link



Virus Malware and Threat News for 20090701



W32.SillyFDC.BCG

- W32.SillyFDC.BCG at Norton Symantec

W32.SillyFDC.BCG is a worm that spreads by copying itself to removable drives.
...

W32.SillyFDC.BCF

- W32.SillyFDC.BCF at Norton Symantec

W32.SillyFDC.BCF is a worm that spreads by copying itself to removable drives.
...

W32.SillyFDC.BCE

- W32.SillyFDC.BCE at Norton Symantec

W32.SillyFDC.BCE is a worm that spreads by copying itself to removable and mapped drives.
...

Mal/BHO-R

- Mal/BHO-R at Sophos

...

Mal/DlfOrkut-A

- Mal/DlfOrkut-A at Sophos

...

Mal/EncPk-IW

- Mal/EncPk-IW at Sophos

...

Troj/Delf-FCU

- Troj/Delf-FCU at Sophos

...

Troj/Dloadr-CPI

- Troj/Dloadr-CPI at Sophos

...

Troj/Dloadr-CPK

- Troj/Dloadr-CPK at Sophos

...

Troj/FakeAv-UZ

- Troj/FakeAv-UZ at Sophos

...

Troj/Mdrop-CDO

- Troj/Mdrop-CDO at Sophos

...

Troj/Agent-KJU

- Troj/Agent-KJU at Sophos

...

Troj/Agent-KJT

- Troj/Agent-KJT at Sophos

...

W32.SillyFDC.BCH

- W32.SillyFDC.BCH at Norton Symantec

W32.SillyFDC.BCH is a worm that spreads by copying itself to removable drives.
...

DSME

- DSME at Sophos

A polymorphic toolkit from Taiwan.
...

Mal/VBHmDrop-A

- Mal/VBHmDrop-A at Sophos

...

Troj/Dloadr-CPL

- Troj/Dloadr-CPL at Sophos

...

Troj/FakeAV-VA

- Troj/FakeAV-VA at Sophos

...

Mal/Sinowa-A

- Mal/Sinowa-A at Sophos

Mal/Sinowa-A is a malicious program.
...

Troj/Graybir-Q

- Troj/Graybir-Q at Sophos

...

Troj/Lineag-GL

- Troj/Lineag-GL at Sophos

...

Troj/Agent-KHE

- Troj/Agent-KHE at Sophos

...

Troj/Agent-KJX

- Troj/Agent-KJX at Sophos

...

0 writebacks [07/02/2009 21:41] [] permanent link



Virus Malware and Threat News for 20090630



Bloodhound.Malautoit

- Bloodhound.Malautoit at Norton Symantec

Bloodhound.Malautoit is a heuristic detection for AutoIt compiled scripts that are considered malicious.
...

W32.SillyFDC.BCD

- W32.SillyFDC.BCD at Norton Symantec

W32.SillyFDC.BCD is a worm that spreads by copying itself to removable drives.
...

W32.Ackantta.F@mm

- W32.Ackantta.F@mm at Norton Symantec

W32.Ackantta.F@mm is a mass-mailing worm that spreads through removable drives and sends an email that
contains an attachment of itself. It may also download potentially malicious files from the Internet.
...

Troj/Agent-KJJ

- Troj/Agent-KJJ at Sophos

...

Troj/Agent-KJK

- Troj/Agent-KJK at Sophos

...

Troj/Agent-KJL

- Troj/Agent-KJL at Sophos

...

Troj/Agent-KJM

- Troj/Agent-KJM at Sophos

...

Troj/Dloadr-CPG

- Troj/Dloadr-CPG at Sophos

...

Troj/DwnLdr-HRM

- Troj/DwnLdr-HRM at Sophos

...

Troj/FakeAv-UX

- Troj/FakeAv-UX at Sophos

...

Troj/Zbot-GH

- Troj/Zbot-GH at Sophos

...

WM97/Cloac-A

- WM97/Cloac-A at Sophos

...

WM97/VMPCK1-F

- WM97/VMPCK1-F at Sophos

...

W32.SillyFDC.BCG

- W32.SillyFDC.BCG at Norton Symantec

W32.SillyFDC.BCG is a worm that spreads by copying itself to removable drives.
...

W32.SillyFDC.BCF

- W32.SillyFDC.BCF at Norton Symantec

W32.SillyFDC.BCF is a worm that spreads by copying itself to removable drives.
...

W32.SillyFDC.BCE

- W32.SillyFDC.BCE at Norton Symantec

W32.SillyFDC.BCE is a worm that spreads by copying itself to removable and mapped drives.
...

Mal/BHO-R

- Mal/BHO-R at Sophos

...

Mal/DlfOrkut-A

- Mal/DlfOrkut-A at Sophos

...

Mal/EncPk-IW

- Mal/EncPk-IW at Sophos

...

Troj/Delf-FCU

- Troj/Delf-FCU at Sophos

...

Troj/Dloadr-CPI

- Troj/Dloadr-CPI at Sophos

...

Troj/Dloadr-CPK

- Troj/Dloadr-CPK at Sophos

...

Troj/FakeAv-UZ

- Troj/FakeAv-UZ at Sophos

...

Troj/Mdrop-CDO

- Troj/Mdrop-CDO at Sophos

...

Troj/Agent-KJU

- Troj/Agent-KJU at Sophos

...

Troj/Agent-KJT

- Troj/Agent-KJT at Sophos

...

0 writebacks [07/01/2009 21:43] [] permanent link


