
VIRUS \ SPYWARE ALERTS - April 6, 2010

Worm:Win32/Bagle

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.

More details are available in the Family description of Win32/Bagle

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm:Win32/Bagle&ThreatID=-2147393363

Trojan:Win32/BHO.CH

Backdoor:Win32/Blackhole.Z

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Backdoor. A backdoor trojan provides remote, usually surreptitious, access to affected systems. A backdoor trojan may be used to conduct distributed denial of service (DDoS) attacks, or it may be used to install additional trojans or other forms of malicious software. For example, a backdoor trojan may be used to install a downloader or dropper trojan, which may in turn install a proxy trojan used to relay spam or a keylogger trojan which monitors and sends keystrokes to remote attackers. A backdoor Trojan may also open ports on the affected system and thus potentially lead to further compromise by other attackers. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Blackhole.Z&ThreatID=-2147361781

TrojanDownloader:Win32/Branvine.A

Aliases
Trojan.Win32.Agent2.hzq (Kaspersky)
Mal/FakeVirPk-A (Sophos)
Win32/Tibs.S (CA)

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
TrojanDownloader:Win32/Branvine.A is a trojan that downloads and executes arbitrary files. In the wild it has been observed downloading and installing malware from several different families, including some associated with Rogue security software.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Win32/Branvine.A&ThreatID=-2147343168

TrojanDownloader:Win32/Bredolab.B

Aliases
Trojan.Win32.Pakes.lmi (Kaspersky)

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
TrojanDownloader:Win32/Bredolab.B is the detection for a trojan that connects to a remote site and downloads and executes arbitrary files.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.B&ThreatID=-2147357910

Trojan:Win32/Brolocker.A

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Brolocker.A&ThreatID=-2147334808

PWS:Win32/Brothef.A

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Password Stealer. Typically, a password stealing trojan installs a keystroke logger (commonly referred to as a keylogger) which records keystrokes and sends the recorded information to remote attackers. Some keyloggers monitor only keystrokes involved in specific types of web-based transactions. For example, a keylogger may include a component that monitors browser activity, only recording keystrokes when certain bank or ecommerce sites are accessed. Other types of password-stealing trojans include those that capture screenshots in an attempt to bypass graphic-based security measures. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=PWS:Win32/Brothef.A&ThreatID=-2147337764

VirTool:Win32/CeeInject.gen!BD

VirTool:Win32/CeeInject.gen!CL

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=VirTool:Win32/CeeInject.gen!CL&ThreatID=-2147334800

VirTool:Win32/CeeInject.M

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
VirTool:Win32/CeeInject.M is a tool used to inject malicious or potentially unwanted code into an existing process for the purpose of hindering detection and removal.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=VirTool:Win32/CeeInject.M&ThreatID=-2147335525

Exploit:Java/CVE-2008-5353.G

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit:Java/CVE-2008-5353.G&ThreatID=-2147334798

Trojan:Win32/Delf.EZ

Backdoor:Win32/Delf.IV

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Backdoor. A backdoor trojan provides remote, usually surreptitious, access to affected systems. A backdoor trojan may be used to conduct distributed denial of service (DDoS) attacks, or it may be used to install additional trojans or other forms of malicious software. For example, a backdoor trojan may be used to install a downloader or dropper trojan, which may in turn install a proxy trojan used to relay spam or a keylogger trojan which monitors and sends keystrokes to remote attackers. A backdoor Trojan may also open ports on the affected system and thus potentially lead to further compromise by other attackers. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Delf.IV&ThreatID=-2147343021

TrojanDownloader:Win32/Delf.JD

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is classified as a Trojan - Downloader. A downloader trojan accesses remote websites in an attempt to download and install malicious or potentially unwanted software. Some downloader trojans target specific files on remote websites while others may target a specific URL that points to a website containing exploit code that may allow the site to automatically download and software or malicious code on vulnerable systems. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Win32/Delf.JD&ThreatID=-2147334807

Backdoor:Win32/Delf.JJ

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is classified as a Trojan - Backdoor. A backdoor trojan provides remote, usually surreptitious, access to affected systems. A backdoor trojan may be used to conduct distributed denial of service (DDoS) attacks, or it may be used to install additional trojans or other forms of malicious software. For example, a backdoor trojan may be used to install a downloader or dropper trojan, which may in turn install a proxy trojan used to relay spam or a keylogger trojan which monitors and sends keystrokes to remote attackers. A backdoor Trojan may also open ports on the affected system and thus potentially lead to further compromise by other attackers. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Delf.JJ&ThreatID=-2147334813

Backdoor:Win32/Delf.PD

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Backdoor. A backdoor trojan provides remote, usually surreptitious, access to affected systems. A backdoor trojan may be used to conduct distributed denial of service (DDoS) attacks, or it may be used to install additional trojans or other forms of malicious software. For example, a backdoor trojan may be used to install a downloader or dropper trojan, which may in turn install a proxy trojan used to relay spam or a keylogger trojan which monitors and sends keystrokes to remote attackers. A backdoor Trojan may also open ports on the affected system and thus potentially lead to further compromise by other attackers. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Delf.PD&ThreatID=-2147338669

Backdoor:Win32/Fludupot.A

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Backdoor. A backdoor trojan provides remote, usually surreptitious, access to affected systems. A backdoor trojan may be used to conduct distributed denial of service (DDoS) attacks, or it may be used to install additional trojans or other forms of malicious software. For example, a backdoor trojan may be used to install a downloader or dropper trojan, which may in turn install a proxy trojan used to relay spam or a keylogger trojan which monitors and sends keystrokes to remote attackers. A backdoor Trojan may also open ports on the affected system and thus potentially lead to further compromise by other attackers. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Fludupot.A&ThreatID=-2147335808

Trojan:Win32/Forkemd.A

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Forkemd.A&ThreatID=-2147334792

Trojan:Win32/Forkemd.B

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Forkemd.B&ThreatID=-2147334791

Backdoor:Win32/Hupigon.DF

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
Backdoor:Win32/Hupigon.DF is the main backdoor component of Win32/Hupigon, a family of backdoor trojans that allow unauthorized access and control of an affected computer. TrojanDropper:Win32/Hupigon registers this component as a service. The service then opens a backdoor server that allows other computers to connect to the affected computer and control it in various ways.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Hupigon.DF&ThreatID=-2147341825

PWS:Win32/Iorgut.A

Trojan:Win32/Jhee.V

PWS:Win32/Jomloon.E

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Password Stealer. Typically, a password stealing trojan installs a keystroke logger (commonly referred to as a keylogger) which records keystrokes and sends the recorded information to remote attackers. Some keyloggers monitor only keystrokes involved in specific types of web-based transactions. For example, a keylogger may include a component that monitors browser activity, only recording keystrokes when certain bank or ecommerce sites are accessed. Other types of password-stealing trojans include those that capture screenshots in an attempt to bypass graphic-based security measures. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=PWS:Win32/Jomloon.E&ThreatID=-2147340233

TrojanSpy:Win32/Keylogger.EJ.dll

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Data Theft. A data theft trojan gathers personal data, often of a financial nature, from affected systems. Collected data may include credit card numbers, tax returns, login credentials or any other information deemed to be of interest to the attacker. The collected data is then surreptitiously sent to the remote attacker via a variety of electronic means. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/Keylogger.EJ.dll&ThreatI

TrojanDropper:Win32/Malf

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Dropper. As its name suggests, a dropper trojan contains malicious or potentially unwanted software which it "drops" and installs on the affected system. Commonly, the dropper installs a backdoor which allows remote, surreptitious access to infected systems. This backdoor may then be used by remote attackers to upload and install further malicious or potentially unwanted software on the system. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDropper:Win32/Malf&ThreatID=-2147371646

MonitoringTool:Win32/MsnSpybox

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This potentially unwanted software is detected by the Microsoft antispyware engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=MonitoringTool:Win32/MsnSpybox&ThreatID=148855

TrojanDownloader:Java/OpenConnection.A

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is classified as a Trojan - Downloader. A downloader trojan accesses remote websites in an attempt to download and install malicious or potentially unwanted software. Some downloader trojans target specific files on remote websites while others may target a specific URL that points to a website containing exploit code that may allow the site to automatically download and software or malicious code on vulnerable systems. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Java/OpenConnection.A&ThreatID=-2147334799

Backdoor:Win32/PcClient.ZF

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Backdoor. A backdoor trojan provides remote, usually surreptitious, access to affected systems. A backdoor trojan may be used to conduct distributed denial of service (DDoS) attacks, or it may be used to install additional trojans or other forms of malicious software. For example, a backdoor trojan may be used to install a downloader or dropper trojan, which may in turn install a proxy trojan used to relay spam or a keylogger trojan which monitors and sends keystrokes to remote attackers. A backdoor Trojan may also open ports on the affected system and thus potentially lead to further compromise by other attackers. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/PcClient.ZF&ThreatID=-2147366315

Backdoor:Win32/Poisonivy

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.79.1306.0
Released: Apr 06, 2010

Summary
This threat is classified as a Trojan - Backdoor. A backdoor trojan provides remote, usually surreptitious, access to affected systems. A backdoor trojan may be used to conduct distributed denial of service (DDoS) attacks, or it may be used to install additional trojans or other forms of malicious software. For example, a backdoor trojan may be used to install a downloader or dropper trojan, which may in turn install a proxy trojan used to relay spam or a keylogger trojan which monitors and sends keystrokes to remote attackers. A backdoor Trojan may also open ports on the affected system and thus potentially lead to further compromise by other attackers. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Poisonivy&ThreatID=-2147383615

Worm:Win32/Prolaco.Q

Encyclopedia entry
Published: Apr 06, 2010

Aliases
Not available

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.79.1306.0
Released: Apr 06, 2010


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm:Win32/Prolaco.Q&ThreatID=-2147334809
