 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
W32/Waled-F
Category Viruses and Spyware
Type Worm
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/w32waledf.html?_log_from=rss
Discussion is locked
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhmg.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhmm.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhml.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhmk.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhmj.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhmi.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhmh.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbancosbfa.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpdfjso.html?_log_from=rss
Category Viruses and Spyware
Type Worm
W32/MarioF-J is a Trojan for the Windows platform.
When first run W32/MarioF-J copies itself to <System>
aston.mt and creates the following files:
<System>\dllcache\user32.dll
<System>\nvaux32.dll
The file nvaux32.dll is detected as W32/MarioF-B and the file user32.dll is detected as Troj/User32Hk-A.
http://www.sophos.com/security/analyses/viruses-and-spyware/w32mariofj.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzlobamz.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzapchaseh.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojjsshellf.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhmf.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojduckya.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentimw.html?_log_from=rss
Category Adware or PUA
Type Unspecified PUA
SAHAgent is advertising software which includes functionality to monitor browsing habits and to silently download, install and run new software, including updates of its software.
When SAHAgent is installed the following files are typically created:
More: http://www.sophos.com/security/analyses/adware-and-puas/sahagent.html?_log_from=rss
1 January 2009
The recent spate of the Waled family of worms continues to spill into the new year.
SophosLabs has recorded two new Waled worms (W32/Waled-E and W32/Waled-F) within the last 24 hours and it looks like this family is pretty much going to be in the news for at least the next couple of days.
On the Spam side, things have also been busy, viagra campaigns continues to keep coming back (like a bad itch). Incredibly, going through the collected data list of suspected malware being sent around, W32/MyDoom-O (!) is still out there - some 2 3 years after it was first discovered - showing the pervasiveness and longetivity of malware.
CheeHui, SophosLabs AU
http://www.sophos.com/security/blog/2009/01/2549.html
Aliases Trojan.Win32.Midgare.qoa
Category Viruses and Spyware
Type Trojan
Troj/Tiotua-AC is a Trojan for the Windows platform.
Troj/Tiotua-AC includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/Tiotua-AC copies itself to the Windows folder and creates the following files:
<Temporary Internet Files>\Content.IE5\89irkl2n\themegaton[1].htm
<Temporary Internet Files>\Content.IE5\od6fwfox\yahoo[1].htm
The following registry entry is created to run Troj/Tiotua-AC on startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
<filename>
<pathname of the Trojan executable>
Troj/Tiotua-AC changes settings for Microsoft Internet Explorer by modifying values under:
HKCU\Software\Microsoft\Internet Explorer\Main\Start Page
Registry entries are created under:
HKLM\SOFTWARE\GodLib
http://www.sophos.com/security/analyses/viruses-and-spyware/trojtiotuaac.html?_log_from=rss
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic