 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
Troj/Wimad-L
Category Viruses and Spyware
Type Trojan
Troj/Wimad-L is a downloader Trojan for the Windows platform.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojwimadl.html?_log_from=rss
Discussion is locked
Aliases Trojan-Downloader.Win32.Zlob.aaiw
TROJ_ZLOB.IYZ
Trojan:Win32/Zlob.L
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzlobaaiw.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakxpagen.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavif.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakealekp.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdowquegen.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojcdurgen.html?_log_from=rss
Aliases BackDoor-CMQ trojan
Category Viruses and Spyware
Type Trojan
Troj/Bckdr-QQX is a Trojan for the Windows platform.
Troj/Bckdr-QQX includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/Bckdr-QQX copies itself to:
<Temp>
<filename1>.exe
<System><filname2>.exe
<System>\drivers\<filename3>.exe
Where filename1, filename2, filename3 are randomly selected.
The following registry entries are created to run Troj/Bckdr-QQX on startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
DllHst
<System><filename>.exe /waitservice
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
DllHst
<System><filename>.exe /waitservice
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
load
<System>\drivers\<filename>.exe
Troj/Bckdr-QQX will attempt to connect to a large range of web sites located on three different servers until it finds a working connection.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbckdrqqx.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentiny.html?_log_from=rss
Aliases Win32/FakeInit.A
Category Viruses and Spyware
Type Trojan
Troj/Agent-INX is a Trojan for the Windows platform.
Troj/Agent-INX includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/Agent-INX copies itself to:
<System>\dllcache\userinit.exe
<System>\userinit.exe
and creates the following files:
<Temp>\mousehook.dll
<Temp>\ntdll64.dll
Registry entries are created under:
HKCU\Software
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentinx.html?_log_from=rss
Aliases ExpressAntiVirus2009
FraudTool.Win32.Agent.ge
Category Viruses and Spyware
Type Malicious Behavior
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/malexpressava.html?_log_from=rss
Category Viruses and Spyware
Type Worm
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autoruntg.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbankereoy.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentioa.html?_log_from=rss
Category Viruses and Spyware
Type Worm
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/w32voteraid.html?_log_from=rss
Category Viruses and Spyware
Type Virus
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/w32azerob.html?_log_from=rss
Aliases W32.SillyFDC
Trojan.Win32.Pakes.ldp
the Generic.dx trojan
Category Viruses and Spyware
Type Worm
W32/Autorun-TF is a worm for the Windows platform which spreads by copying itself to removable devices.
When first run W32/Autorun-TF copies itself to:
<PROGRAM FILES>\Microsoft Common\wuauclt.exe
<root>\autorun.inf
The file autorun.inf is detected as W32/Autorun-IK and W32/Autorun-IN.
The following registry entries are created to run W32/Autorun-TF on startup:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe\
Debugger
<PROGRAM FILES>\Microsoft Common\wuauclt.exe
http://www.sophos.com/security/analyses/viruses-and-spyware/w32autoruntf.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojswfdldrl.html?_log_from=rss
Aliases Generic PWS.ak
Trojan-GameThief.Win32.Magania.aqto
Category Viruses and Spyware
Type Trojan
Troj/OnLineG-G is a Trojan for the Windows platform.
When first run Troj/OnLineG-G copies itself to <Windows>\Help\EB6C4499B05F.exe and creates the following files:
<Root>\1.hiv
<Root>\2.hiv
<Current Folder>\2.bat
<Windows>\1.bat
<Windows>\Help\EB6C4499B05F.dll
The file EB6C4499B05F.dll also was detected as Mal/LineDLL-B.
The file EB6C4499B05F.dll is registered as a COM object and shell extension, creating registry entries under:
HKCR\CLSID\{1DBD6574-D6D0-4782-94C3-69619E719765}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{1DBD6574-D6D0-4782-94C3-69619E719765
http://www.sophos.com/security/analyses/viruses-and-spyware/trojonlinegg.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Troj/JSRedir-F is a Trojan the redirects web users to a Fake Anti-Virus site.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojjsredirf.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojircbotadg.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakealekq.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrcei.html?_log_from=rss
Category Adware or PUA
Type Hacking Tool
Testosterone loader is a Hacking Tool for online game "SilkRoad"
http://www.sophos.com/security/analyses/adware-and-puas/testosteroneload_a3dECkl6.html?_log_from=rss
Aliases SPR/KeyLogger.DF SPR/KeyLogger.DE Monitor.Win32.KeyLogger.ej
Category Adware or PUA
Type System Monitor
Affected operating systems Windows
Characteristics Installs itself in the registry
http://www.sophos.com/security/analyses/adware-and-puas/sanmaxikeylogger.html?_log_from=rss
Category Adware or PUA
Type Adware
Affected operating systems Windows
http://www.sophos.com/security/analyses/adware-and-puas/contentcleaner.html?_log_from=rss
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic