Spyware, Viruses, & Security forum

General discussion

VIRUS \ SPYWARE ALERTS - December 29, 2009

Discussion is locked
You are posting a reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS \ SPYWARE ALERTS - December 29, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
W32/Autorun-AXF

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Category

* Viruses and Spyware

Type

* Worm


How it spreads

* Removable storage devices

Affected operating systems Windows
Characteristics

* Installs itself in the registry


W32/Autorun-AXF is a worm for the Windows platform.

W32/Autorun-AXF includes functionality to run automatically.

The following registry entry is set:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\S
HOWALL
CheckedValue
0x00000000

http://www.sophos.com/security/analyses/viruses-and-spyware/w32autorunaxf.html?_log_from=rss

Collapse -
Troj/VIDQLG-A

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Category

* Viruses and Spyware

Type

* Trojan


Affected operating systems Windows

Troj/VIDQLG-A is a Trojan for the Windows platform.

Troj/VIDQLG-A includes functionality to:

- run automatically
- steal confidential information
- access the internet and communicate with a remote server via HTTP

When Troj/VIDQLG-A is installed it creates the file <Windows>\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job.

Registry entries are created under:

HKCU\Software\PUT2VIDQLG

http://www.sophos.com/security/analyses/viruses-and-spyware/trojvidqlga.html?_log_from=rss

Collapse -
Troj/BredoZp-S

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Collapse -
Trojan:Win32/Agent.GS

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Collapse -
Worm:Win32/Autorun.VM

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Encyclopedia entry
Published: Dec 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.71.1487.0
Released: Dec 29, 2009


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm:Win32/Autorun.VM&ThreatID=-2147336837

Collapse -
TrojanDownloader:Win32/Bredolab.S

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Encyclopedia entry
Published: Dec 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.71.1487.0
Released: Dec 29, 2009


Summary
This threat is classified as a Trojan - Downloader. A downloader trojan accesses remote websites in an attempt to download and install malicious or potentially unwanted software. Some downloader trojans target specific files on remote websites while others may target a specific URL that points to a website containing exploit code that may allow the site to automatically download and software or malicious code on vulnerable systems. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

More details are available in the Family description of Win32/Bredolab

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Win32/Bredolab.S&ThreatID=-2147336838

Collapse -
Trojan:Win32/Fakeinit

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Trojan.FakeAlert.AUW (BitDefender)
Win32/FakeAV.ABR (CA)
Fraudtool.XPAntivirus.BCVY (VirusBuster)
Adware/AntivirusXPPro (Panda)
AntiVirus2008 (Symantec)
Advanced Virus Remover (other)
Win32/AdvancedVirusRemover.G (CA)

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1487.0
Released: Dec 29, 2009

Summary
Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs, such as Trojan:Win32/Antivirusxp and Program:Win32/FakeRednefed may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. These products may represent themselves as ?Antivirus XP?, ?AntivirusXP 2008?, ?WinDefender 2008?, ?XP Antivirus?, or similar.

Trojan:Win32/Fakeinit is a rogue antivirus program that purports to detect non-existent malware in a system.

Use Microsoft Windows Defender, the Windows Live safety scanner (http://onecare.live.com/site/en-us/default.htm), or another up-to-date scanning and removal tool to detect and remove these threats and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.


Symptoms
Symptoms vary among different distributions of Trojan:Win32/Fakeinit, however, the presence of the following system changes (or similar) may indicate the presence of this program:
Presence of the following folder and file, or similar (for example):
%ProgramFiles%\antivirusxp\antivirusxp.exe
Presence of the following registry modifications or similar (for example):
Added value: "AntivirusXP.exe"
With data: "%ProgramFiles%\antivirusxp\antivirusxp.exe"
To subkey: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Display of the following images/dialogs, or similar (for example):

More: https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Fakeinit&ThreatID=-2147350811

Collapse -
Trojan:Win32/LockScreen.gen!A

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Encyclopedia entry
Published: Dec 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.71.1487.0
Released: Dec 29, 2009


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/LockScreen.gen!A&ThreatID=-2147336839

Collapse -
TrojanSpy:Win32/Swisyn.A.dll

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1487.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Data Theft. A data theft trojan gathers personal data, often of a financial nature, from affected systems. Collected data may include credit card numbers, tax returns, login credentials or any other informed deemed to be of interest to the attacker. The collected data is then surreptitiously sent to the remote attacker via a variety of electronic means. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/Swisyn.A.dll&ThreatID=-2147337464

Collapse -
TrojanSpy:Win32/VB

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1487.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Data Theft. A data theft trojan gathers personal data, often of a financial nature, from affected systems. Collected data may include credit card numbers, tax returns, login credentials or any other informed deemed to be of interest to the attacker. The collected data is then surreptitiously sent to the remote attacker via a variety of electronic means. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/VB&ThreatID=-2147399901

Collapse -
TrojanSpy:Win32/Vwealer.H

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1487.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Data Theft. A data theft trojan gathers personal data, often of a financial nature, from affected systems. Collected data may include credit card numbers, tax returns, login credentials or any other informed deemed to be of interest to the attacker. The collected data is then surreptitiously sent to the remote attacker via a variety of electronic means. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/Vwealer.H&ThreatID=-2147352264

Collapse -
TrojanSpy:Win32/Vwealer.N

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1487.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Data Theft. A data theft trojan gathers personal data, often of a financial nature, from affected systems. Collected data may include credit card numbers, tax returns, login credentials or any other informed deemed to be of interest to the attacker. The collected data is then surreptitiously sent to the remote attacker via a variety of electronic means. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/Vwealer.N&ThreatID=-2147352258

Collapse -
TrojanSpy:Win32/Wordapas.A

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1487.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Data Theft. A data theft trojan gathers personal data, often of a financial nature, from affected systems. Collected data may include credit card numbers, tax returns, login credentials or any other informed deemed to be of interest to the attacker. The collected data is then surreptitiously sent to the remote attacker via a variety of electronic means. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/Wordapas.A&ThreatID=-2147339162

Collapse -
TrojanDownloader:HTML/Renos

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Hoax.HTML.Secureinvites.d (Kaspersky)
Trojan.FakeAlert.ANP (BitDefender)

Alert Level (?)
High

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1487.0
Released: Dec 29, 2009

Summary
TrojanDownloader:HTML/Renos is Microsoft's generic detection for a trojan HTML script that attempts to download executable rogue security software when a user visits a malicious Web site and moves the mouse cursor over certain graphics or images.

Note: Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs, such as Trojan:Win32/Antivirusxp and Program:Win32/FakeRednefed may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products.

Use Microsoft Windows Defender, the Windows Live safety scanner (http://onecare.live.com/site/en-us/default.htm), or another up-to-date scanning and removal tool to detect and remove these threats and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.

Symptoms
There are no obvious symptoms that indicate the presence of TrojanDownloader:HTML/Renos on an affected machine.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:HTML/Renos&ThreatID=-2147391998

Collapse -
Trojan:Win32/AgentBypass

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Collapse -
Trojan:Win32/Agent

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Symptoms
The behaviors exhibited by this group of trojans is highly variable - thus there are no symptoms specific to this detection.


Technical Information (Analysis)
Trojan:Win32/Agent is a generic detection for a number of trojans that may perform different malicious functions. The behaviors exhibited by this family are highly variable.
Installation

Due to the generic nature of this detection, methods of installation may vary. These trojans may often install themselves by copying their executable to the Windows or Windows system folders, and then modifying the registry to run this file at each system start. These trojans often modify the following subkey in order to accomplish this:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

More: https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Agent&ThreatID=-2147399982

Collapse -
TrojanDownloader:Win32/Agent

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Trojan-Downloader.Win32.Agent.bqw (Kaspersky)
Trojan-Downloader.Win32.Agent.bvd (Kaspersky)
FakeAlert-K (McAfee)
Generic Downloader (McAfee)
W32/Agent.BRUP (Norman)
W32/DLoader.CWGF (Norman)
Troj/Dloadr-BAT (Sophos)
Troj/FakeVir-AB (Sophos)
Downloader (Symantec)
SpySherriff (Symantec)
PAK_Generic.001 (Trend Micro)
TROJ_AGENT.AAGU (Trend Micro)
TROJ_RENOS.NAT (Trend Micro)

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
TrojanDownloader:Win32/Agent is family of Trojans that download potentially unwanted software from a remote Web site. The downloaded content could include anything from additional downloader Trojans, to imitation security programs.


Symptoms
Symptoms vary greatly among variants, but in all cases, the Trojan attempts to download files from a remote Web site. In some cases, potentially unwanted software is downloaded and installed. Firewall alerts may trigger, giving an indication that a program is unexpectedly attempting to contact a remote Web site.


More: https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Win32/Agent&ThreatID=-2147478930

Collapse -
Backdoor:Win32/Agent.EO

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Backdoor. A backdoor trojan provides remote, usually surreptitious, access to affected systems. A backdoor trojan may be used to conduct distributed denial of service (DDoS) attacks, or it may be used to install additional trojans or other forms of malicious software. For example, a backdoor trojan may be used to install a downloader or dropper trojan, which may in turn install a proxy trojan used to relay spam or a keylogger trojan which monitors and sends keystrokes to remote attackers. A backdoor Trojan may also open ports on the affected system and thus potentially lead to further compromise by other attackers. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Backdoor:Win32/Agent.EO&ThreatID=-2147357184

Collapse -
Trojan:Win32/Alureon

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.

More details are available in the Family description of Win32/Alureon


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Alureon&ThreatID=-2147383463

Collapse -
Trojan:WinNT/Alureon

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.

More details are available in the Family description of WinNT/Alureon

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:WinNT/Alureon&ThreatID=-2147339813

Collapse -
VirTool:WinNT/Alureon

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.71.1473.0
Released: Dec 29, 2009


Summary
This potentially unwanted software is detected by the Microsoft antispyware engine. Technical details are not currently available.

More details are available in the Family description of WinNT/Alureon


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=VirTool:WinNT/Alureon&ThreatID=-2147336878

Collapse -
TrojanSpy:Win32/Ardamax

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Data Theft. A data theft trojan gathers personal data, often of a financial nature, from affected systems. Collected data may include credit card numbers, tax returns, login credentials or any other informed deemed to be of interest to the attacker. The collected data is then surreptitiously sent to the remote attacker via a variety of electronic means. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/Ardamax&ThreatID=-2147383578

Collapse -
Trojan:Win32/Badcon

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Collapse -
Virus:Win32/Bakaver.dam

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Encyclopedia entry
Published: Dec 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.71.1473.0
Released: Dec 29, 2009


Summary
This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Virus:Win32/Bakaver.dam&ThreatID=-2147336875

Collapse -
Trojan:Win32/Bamital.A

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Backdoor.Win32.Agent.andi (Kaspersky)
Trojan.Bamital.Gen (VirusBuster)
Win32/Agent.QJM (ESET)

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
Trojan:Win32/Bamital.A is a trojan often installed by other malware. It monitors and modifies Web search queries and displays advertisements. It is triggered when the browser is Internet Explorer, Opera, Firefox, Chrome, or Safari.

Symptoms
System changes

The following system changes may indicate the presence of this malware:
The presence of any of the following files:
curslib.dll
kbdnet.dll
mscert.dll
msnetlib.dll
rdolib.dll
wincert.dll
winuid.dll

More: https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Bamital.A&ThreatID=-2147339309

Collapse -
TrojanDownloader:Win32/Bancos

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Downloader. A downloader trojan accesses remote websites in an attempt to download and install malicious or potentially unwanted software. Some downloader trojans target specific files on remote websites while others may target a specific URL that points to a website containing exploit code that may allow the site to automatically download and software or malicious code on vulnerable systems. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

More details are available in the Family description of Win32/Bancos

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Win32/Bancos&ThreatID=-2147369237

Collapse -
TrojanSpy:Win32/Bancos.PI

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Trojan-Downloader.Win32.Homa.aef (Kaspersky)
Win32/Spy.Banbra.NUJ (ESET)
Trojan.Win32.Delf.ort (Kaspersky)

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
TrojanSpy:Win32/Bancos.PI is a trojan that attempts to steal sensitive data from an affected computer. It consists of two components. The first is used to capture and steal usernames and passwords from users of Caixa Net Banking. The second component is used to download and execute arbitrary files.

Symptoms
There are no obvious symptoms that indicate the presence of this malware on an affected machine.

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/Bancos.PI&ThreatID=-2147339231

Collapse -
TrojanSpy:Win32/Bancos.RH

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.71.1473.0
Released: Dec 29, 2009

Summary
This threat is classified as a Trojan - Data Theft. A data theft trojan gathers personal data, often of a financial nature, from affected systems. Collected data may include credit card numbers, tax returns, login credentials or any other informed deemed to be of interest to the attacker. The collected data is then surreptitiously sent to the remote attacker via a variety of electronic means. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

More details are available in the Family description of Win32/Bancos


https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanSpy:Win32/Bancos.RH&ThreatID=-2147338230

Collapse -
TrojanDownloader:Win32/Banload.LR

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Encyclopedia entry
Published: Dec 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.71.1473.0
Released: Dec 29, 2009


Summary
This threat is classified as a Trojan - Downloader. A downloader trojan accesses remote websites in an attempt to download and install malicious or potentially unwanted software. Some downloader trojans target specific files on remote websites while others may target a specific URL that points to a website containing exploit code that may allow the site to automatically download and software or malicious code on vulnerable systems. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

More details are available in the Family description of Win32/Banload

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Win32/Banload.LR&ThreatID=-2147336850

Collapse -
TrojanDownloader:Win32/Banload.LS

In reply to: VIRUS \ SPYWARE ALERTS - December 29, 2009

Encyclopedia entry
Published: Dec 29, 2009

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection initially created:
Definition: 1.71.1473.0
Released: Dec 29, 2009


Summary
This threat is classified as a Trojan - Downloader. A downloader trojan accesses remote websites in an attempt to download and install malicious or potentially unwanted software. Some downloader trojans target specific files on remote websites while others may target a specific URL that points to a website containing exploit code that may allow the site to automatically download and software or malicious code on vulnerable systems. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available.

More details are available in the Family description of Win32/Banload

https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDownloader:Win32/Banload.LS&ThreatID=-2147336849

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.