Get to know the Zune HD>>
Spyware, viruses, & security : VIRUS \ Spyware ALERTS - January 9, 2009
- 1/8/09 7:03 PM
VIRUS \ Spyware ALERTS - January 9, 2009
by Marianna Schmudlach - 1/8/09 7:03 PM
W32/Sdbot-DNR
Aliases W32.Spybot.Worm
Worm/Rbot.210944
HASH(0xb22f1d8)
Category Viruses and Spyware
Type Worm
How it spreads Network shares
Affected operating systems Windows
Characteristics Installs itself in the registry
http://www.sophos.com/security/analyses/viruses-and-spyware/w32sdbotdnr.html?_log_from=rss
Troj/PcCli-C
by Marianna Schmudlach - 1/8/09 7:04 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpcclic.html?_log_from=rss
Troj/MultPs-Gen
by Marianna Schmudlach - 1/8/09 7:05 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojmultpsgen.html?_log_from=rss
Troj/FakeVir-JE
by Marianna Schmudlach - 1/8/09 7:06 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakevirje.html?_log_from=rss
Troj/Agent-IOM
by Marianna Schmudlach - 1/8/09 7:07 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Aliases Trojan.Win32.Agent.asjk
Adware:Win32/AdRotator
Trojan.Fakeavalert
Category Viruses and Spyware
Type Trojan
Troj/Agent-IOM is a Trojan for the Windows platform.
Troj/Agent-IOM drops the following files:
<System>\<random letters>.dll (also detected as Troj/Agent-IOM)
<System>\<random letters>.exe (clean uninstall file)
Troj/Agent-IOM creates the following registry entries to run the DLL file on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
<random letters>
<System>\regsvr32.exe /s "<System>\<random letters>.dll"
Troj/Agent-IOM also installs the DLL file as a Browser Helper Object by creating registry entries under the following locations:
HKCR\CLSID\{<Trojan clsid>}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{<Trojan clsid>}
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentiom.html?_log_from=rss
Mal/Sality-B
by Marianna Schmudlach - 1/8/09 7:08 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Malicious Behavior
Mal/Sality-B is a file infected by the Sality family of viruses.
How it spreads Network shares
Infected files
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/malsalityb.html?_log_from=rss
W32/IRCBot-ADJ
by Marianna Schmudlach - 1/8/09 9:50 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Worm
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/w32ircbotadj.html?_log_from=rss
W32/AutoRun-TN
by Marianna Schmudlach - 1/8/09 9:51 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Worm
W32/AutoRun-TN is a worm for the Windows platform.
When run W32/AutoRun-TN copies itself to <System>\csrcs.exe and sets the following regitry entry:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
csrcs
<System>\csrcs.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Hidden
2
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
ShowSuperHidden
0
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
SuperHidden
0
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
Explorer.exe csrcs.exe
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autoruntn.html?_log_from=rss
W32/AutoRun-TM
by Marianna Schmudlach - 1/8/09 9:52 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Worm
How it spreads Removable storage devices
Affected operating systems Windows
Characteristics Installs itself in the registry
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autoruntm.html?_log_from=rss
VBS/DownLdr-D
by Marianna Schmudlach - 1/8/09 9:53 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Trojan
VBS/DwnLdr-D is a downloader Trojan which will attempt to download a file from the internet and run it.
The downloaded file is saved in C:\kuruna.exe
http://www.sophos.com/security/analyses/viruses-and-spyware/vbsdownldrd.html?_log_from=rss
Troj/MDrop-BXO
by Marianna Schmudlach - 1/8/09 9:54 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Trojan
Troj/MDrop-BXO is a Trojan for the Windows platform.
When run Troj/MDrop-BXO creates the files:
ServerApp.exe - detected as Mal/Behav-024
Stub.exe - detected as Troj/Dropper-QI
http://www.sophos.com/security/analyses/viruses-and-spyware/trojmdropbxo.html?_log_from=rss
Troj/Agent-ION
by Marianna Schmudlach - 1/8/09 9:55 PM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagention.html?_log_from=rss
W32/Waled-Gen
by Marianna Schmudlach - 1/9/09 8:27 AM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Worm
W32/Waled-Gen is a worm for the Windows platform.
W32/Waled-Gen includes functionality to access the internet and communicate with a remote server via HTTP and send itself out using built-in SMTP client.
http://www.sophos.com/security/analyses/viruses-and-spyware/w32waledgen.html?_log_from=rss
W32/Autorun-TO
by Marianna Schmudlach - 1/9/09 8:28 AM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Worm
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autorunto.html?_log_from=rss
Troj/Rootkit-EL
by Marianna Schmudlach - 1/9/09 8:29 AM
In reply to: VIRUS \ Spyware ALERTS - January 9, 2009 by Marianna Schmudlach
Category Viruses and Spyware
Type Trojan
Troj/Rootkit-EL is a rootkit Trojan for the Windows platform.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojrootkitel.html?_log_from=rss
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
