Attention: The forums will be placed on read only mode this Saturday (Oct. 20, 2018)

During this outage (6:30 AM to 8 PM PDT) the forums will be placed on read only mode. We apologize for this inconvenience. Click here to read details

Spyware, Viruses, & Security forum

General discussion

VIRUS \ Spyware ALERTS - December 14, 2008

by Marianna Schmudlach / December 13, 2008 11:17 AM PST

Troj/Agent-GTD


Category Viruses and Spyware

Type Trojan

Troj/Agent-GTD is a Trojan for the Windows platform.

When first run Troj/Agent-GTD copies itself to:
<Windows>\System32\digeste.dll
and slightly alters itself to look more like a dll.

Troj/Agent-GTD adds itself under the following registry entry to run itself at startup:
HKLM\SYSTEM\CurrentContrrolSet\SecurityProviders\SecurityProviders

Troj/Agent-GTD also creates the following file
<Windows>\wiaserviv.log
( wiaserviv.log is harmless and safe to remove )


http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentgtd.html?_log_from=rss

Discussion is locked
You are posting a reply to: VIRUS \ Spyware ALERTS - December 14, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS \ Spyware ALERTS - December 14, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
OSX/Dablink-A
by Marianna Schmudlach / December 13, 2008 11:18 AM PST
Collapse -
VBS/Sasan-M
by Marianna Schmudlach / December 14, 2008 1:14 AM PST

Category Viruses and Spyware

Type Worm

VBS/Sasan-M is a Visual Basic script worm for the Windows platform.

When run the worm will attempt to copy itself to \Sgt.sys.vbs and <Windows>\Sgt.sys.vbs as well as to any removable media. The worm will also attempt to create the following registry entry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SysCom
<Windows>\Sgt.sys.vbs

http://www.sophos.com/security/analyses/viruses-and-spyware/vbssasanm.html?_log_from=rss

Collapse -
Troj/Vundeb-A
by Marianna Schmudlach / December 14, 2008 1:15 AM PST
Collapse -
Troj/ServU-AS
by Marianna Schmudlach / December 14, 2008 1:16 AM PST
Collapse -
Troj/PWS-ATZ
by Marianna Schmudlach / December 14, 2008 1:17 AM PST
Collapse -
Troj/PWS-ATX
by Marianna Schmudlach / December 14, 2008 1:18 AM PST
Collapse -
Troj/PWS-ATJ
by Marianna Schmudlach / December 14, 2008 1:19 AM PST

Category Viruses and Spyware

Type Trojan

W32/PWS-ATJ is an information stealing Trojan for the Windows platform.

When run the Trojan will attempt to copy itself to <Windows>\Help\<random name> as a hidden system file and drop a component dll in the same location.

Troj/PWS-ATJ will register itself as an ShellExecute hook and will regularly send emails with stolen information.

http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsatj.html?_log_from=rss

Collapse -
Troj/FakeVir-IE
by Marianna Schmudlach / December 14, 2008 1:20 AM PST
Collapse -
Troj/DownLd-M
by Marianna Schmudlach / December 14, 2008 1:21 AM PST
Collapse -
Mal/VB-Z
by Marianna Schmudlach / December 14, 2008 1:21 AM PST
Collapse -
Bloodhound.Depby
by Marianna Schmudlach / December 14, 2008 1:31 AM PST
Collapse -
W32/PWS-AUH
by Marianna Schmudlach / December 14, 2008 6:17 AM PST
Collapse -
Troj/PWS-AUG
by Marianna Schmudlach / December 14, 2008 6:18 AM PST

Category Viruses and Spyware

Type Trojan

Troj/PWS-AUG is an information stealing Trojan for the Windows platform.

When run the Trojan will attempt to copy itself to <Windows>\Help\<random name> as a hidden system file and drop a component dll in the same location.

Troj/PWS-ATJ will register itself as an ShellExecute hook and will regularly send emails with stolen information.

http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsaug.html?_log_from=rss

Collapse -
Troj/JSDown-E
by Marianna Schmudlach / December 14, 2008 6:18 AM PST
Collapse -
Troj/FakeVir-IF
by Marianna Schmudlach / December 14, 2008 6:20 AM PST
Collapse -
Troj/FakeAle-AY
by Marianna Schmudlach / December 14, 2008 6:21 AM PST
Collapse -
Troj/FakeAle-AU
by Marianna Schmudlach / December 14, 2008 6:22 AM PST
Collapse -
Troj/Dloadr-BXY
by Marianna Schmudlach / December 14, 2008 6:23 AM PST
Collapse -
Troj/Agent-GTU
by Marianna Schmudlach / December 14, 2008 6:24 AM PST
Collapse -
Mal/Vundeb-A
by Marianna Schmudlach / December 14, 2008 6:25 AM PST
Collapse -
Mal/Delf-L
by Marianna Schmudlach / December 14, 2008 6:26 AM PST

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!