 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
Troj/Dloadr-BXS
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbxs.html?_log_from=rss
Discussion is locked
Category Viruses and Spyware
Type Trojan
Troj/Dwnldr-HJZ is a Trojan for the Windows platform.
Troj/Dwnldr-HJZ includes functionality to access the internet and communicate with a remote server via HTTP.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdwnldrhjz.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Troj/Drop-BH drops and runs a malicious file, with system and hidden attributes, in the <Windows>\Debug folder. The file is detected as Mal/Behav-214. This file drops an additional DLL, also with system and hidden attributes, which is detected as Mal/BHO-G.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdropbh.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbxv.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Troj/Bdoor-APH is a Trojan for the Windows platform.
Troj/Bdoor-APH includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/Bdoor-APH copies itself to:
<Startup>\userinit.exe
<User>\svchost.exe
<System>\drivers\services.exe
The following registry entries are created to run Troj/Bdoor-APH on startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
[system]
<System>\drivers\services.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
winlogon
<User>\svchost.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
[system]
<System>\drivers\services.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
winlogon
<User>\svchost.exe
More: http://www.sophos.com/security/analyses/viruses-and-spyware/trojbdooraph.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagenticy.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagenticx.html?_log_from=rss
Category Viruses and Spyware
Type Malicious Behavior
Mal/ObfJS-BI is a malicious JavaScript within a web page that will attempt to download other malicious content from remote servers.
http://www.sophos.com/security/analyses/viruses-and-spyware/malobfjsbi.html?_log_from=rss
Aliases Trojan:Win32/ProcInject.C
Win32/Agent.OJD
Trojan-Downloader.Win32.Agent.alzf
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
Characteristics Drops more malware
http://www.sophos.com/security/analyses/viruses-and-spyware/trojarinjfam.html
Aliases TrojanDownloader:Win32/Bredolab.gen!B
Downloader-ASH.gen.b
Category Viruses and Spyware
Type Trojan
Troj/Bredol-Fam is a family of Trojans for the Windows platform that attempt to decrypt and run further executable files.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbredolfam.html
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbxu.html
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbxw.html
Category Viruses and Spyware
Type Trojan
Troj/Dloadr-BXX creates 24 scheduled tasks named at1 to at24 to run itself every hour.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbxx.html
Category Viruses and Spyware
Type Trojan
When installed Troj/FakeAle-JK displays fake spyware infection messages.
Troj/FakeAle-JK reduces system security by setting the following registry entries:
HKCU\Software\Microsoft\Security Center\AntiVirusDisableNotify
0x00000001
HKCU\Software\Microsoft\Security Center\FirewallDisableNotify
0x00000001
HKCU\Software\Microsoft\Security Center\UpdatesDisableNotify
0x00000001
More: http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakealejk.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojprostidk.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsavj.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsavm.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojsinowafam.html?_log_from=rss
The Trend Micro Content Security Team has discovered a phishing attack that has some unusual targets ? customers of at least two popular domain name registrars and Web hosting companies. Both of them were among the world?s largest domain name registrars in the past year, which would probably explain the phishers? interest.
Here?s a screenshot of the one of the phishing pages:
More: http://blog.trendmicro.com/
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzlobaqg.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzlobaqf.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Troj/Zbot-AP is a Trojan for the Windows platform.
When run Troj/Zbot-AP installs itself into <System>\twext.exe and sets the following registry entry:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit
<System>\userinit.exe,<System>\twext.exe
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzbotap.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojonlinegbl.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavfx.html?_log_from=rss
Category Viruses and Spyware
Type Malicious Behavior
Mal/Sality-B is a file infected by the Sality family of viruses.
http://www.sophos.com/security/analyses/viruses-and-spyware/malsalityb.html?_log_from=rss
Category Viruses and Spyware
Type Malicious Behavior
Mal/Sality-A is a file infected by the Sality family of viruses.
http://www.sophos.com/security/analyses/viruses-and-spyware/malsalitya.html?_log_from=rss
Category Viruses and Spyware
Type Malicious Behavior
Mal/ObfJS-BG is an obfuscated JavaScript within a web page that is likely to exploit vulnerabilities in the browser in order to infect the victim with malware.
http://www.sophos.com/security/analyses/viruses-and-spyware/malobfjsbg.html?_log_from=rss
Category Adware or PUA
Type Unspecified PUA
EShoper is a potentially unwanted application.
When the application is installed the following folder and files are created:
<System>\eshop.xml
<System>\eshopcamp.xml
<System>\EShopee.exe
<System>\NewmsrdkForKey\
The following registry entry is created to run EShopee.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
EShopee
<System>\EShopee.exe
Registry entries are created under:
HKLM\SOFTWARE\EShopee\KeyWord\
http://www.sophos.com/security/analyses/adware-and-puas/eshoper.html?_log_from=rss
Category Adware or PUA
Type Unspecified PUA
Affected operating systems Windows
Characteristics Installs itself in the registry
Monitors browser activity
http://www.sophos.com/security/analyses/adware-and-puas/isolationaware.html?_log_from=rss
Category Adware or PUA
Type Adware
Affected operating systems Windows
http://www.sophos.com/security/analyses/adware-and-puas/gamevance.html?_log_from=rss
Category Suspicious behavior and files
Type Suspicious behavior
Sus/ObfJS-BI will attempt to download and install other malware.
http://www.sophos.com/security/analyses/suspicious-behavior-and-files/susobfjsbi.html?_log_from=rss
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic