Spyware, Viruses, & Security forum

General discussion

VIRUS \ Spyware ALERTS - December 30, 2008

Discussion is locked
You are posting a reply to: VIRUS \ Spyware ALERTS - December 30, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS \ Spyware ALERTS - December 30, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/MDrop-BUY

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/AdClick-FH

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
PlayMp3

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Hotbar

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Category Adware or PUA

Type Adware

Hotbar is advertising supported software from www.hotbar.com, www.wowpapers.com and www.easyscreensavers.com.

Hotbar consists of plugins for Microsoft Internet Explorer and Microsoft Outlook or Outlook Express.

When the browser is active Hotbar delivers advertisements (specific to the sites visited) in the form of links and popup ads.

Advertising links are added to outgoing email messages.

Hotbar may download and install updates of its software at any time without notification that it is doing so.

When Hotbar is installed the following files and folders are typically created:

http://www.sophos.com/security/analyses/adware-and-puas/hotbar.html?_log_from=rss

Collapse -
Trojan.Downexec.C!inf

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
W32/Sdbot.worm!3AFA6720

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Type Virus SubType Internet Worm

Characteristics -

System Changes

These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
%SystemDir% = \WINDOWS\SYSTEM (Windows 98/ME), \WINDOWS\SYSTEM32 (Windows XP/Vista), \WINNT\SYSTEM32 (Windows NT/2000)
%ProgramFiles% = \Program Files

The following exploits may be used for this worms spread:

http://vil.mcafeesecurity.com/vil/content/v_153691.htm

Collapse -
Troj/Mdrop-BVN

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Mdrop-BVB

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/DocDrop-F

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Dloadr-CDS

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Dload-ES

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Bckdr-QQU

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Bckdr-QQT

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Agent-IMN

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Agent-IMM

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Agent-IML

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
SuperJuan

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Trojan.Downexec.C

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Email-Worm:W32/Waledac.A

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Name : Email-Worm:W32/Waledac.A
Aliases : Trojan:W32/Waledac.A (Microsoft)

Size: 387072
Type: Email-Worm
Category: Malware
Platform: W32

Summary
This type of worm is embedded in an e-mail attachment, and spreads using the infected computer's e-mailing networks.

http://www.f-secure.com/v-descs/email-worm_w32_waledac_a.shtml

Collapse -
W32/SdBot-DKH

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Category Viruses and Spyware

Type Worm

W32/SdBot-DKH is a worm for the Windows platform.

When first run W32/SdBot-DKH copies itself to <System>\msddll.exe.

The file msddll.exe is registered as a new system driver service named "msddll", with a display name of "msddll" and a startup type of automatic, so that it is started automatically during system startup. Registry entries are created under:

HKLM\SYSTEM\CurrentControlSet\Services\msddll

The following registry entry is set:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions
GON
<pathname of the Trojan executable>

W32/SdBot-DKH may attempt to spread over weakly protected network shares and via exploiting MS04-011.

http://www.sophos.com/security/analyses/viruses-and-spyware/w32sdbotdkh.html?_log_from=rss

Collapse -
Troj/FakeVir-IX

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Dloadr-CDT

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Agent-IMC

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
W32.Downadup.B

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Exploit:SymbOS/SMSCurse.A

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Name : Exploit:SymbOS/SMSCurse.A
Detection Names : Exploit:SymbOS/SMSCurse.A

Type: Exploit
Category: Malware
Platform: SymbOS

Summary
Exploit:/SymbOS/SMSCurse.A is a Denial-of-Service (DoS) exploit that affects messaging components of phones that use Symbian Series 60 versions 2.6, 2.8, 3.0, 3.1, and Sony Ericsson UiQ devices.

When the exploit crashes SMS messaging on a phone, the phone remains otherwise completely functional. The only effect is that it cannot receive any new SMS/MMS messages.

http://www.f-secure.com/v-descs/exploit_symbos_smscurse_a.shtml

Collapse -
W32/Confick-C

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Collapse -
Troj/Agent-IMP

In reply to: VIRUS \ Spyware ALERTS - December 30, 2008

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.