 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
Troj/IRCBot-ACW
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojircbotacw.html?_log_from=rss
Discussion is locked
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagenticz.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojspybi.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
Characteristics Installs itself in the registry
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavfy.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbxz.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentida.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojkerbota.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakealejl.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdorfbw.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Troj/Dloadr-BYB is a Trojan for the Windows platform.
Troj/Dloadr-BYB includes functionality to access the internet and communicate with a remote server via HTTP.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbyb.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadef.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadbya.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Troj/BadCab-A detects a modified Microsoft CABSfx (Self-extracting archive) which is attempting to evade security software.
http://www.sophos.com/security/analyses/viruses-and-spyware/trojbadcaba.html?_log_from=rss
4 November 2008
So called ?Magic? numbers evolved from the UNIX operating system and now play a regular role in (amongst others) identifying particular file types. The doctoring of these magic numbers may render files unrecognisable by the operating system or applications expecting to work with them - and malware authors have long ago attempted to leverage this.
Malware authors are again rediscovering the usefulness of magic mangling and exploiting the fact that anti-virus engines also recognise files using magic - allowing them to hide certain content by preventing the correct parsing of tainted objects.
A recent example of this is the Troj/BadCab-A Trojan which to the casual observer might appear to be a legitimate Microsoft CAB file SFX?er - yet the CAB object appears to be missing from its regular location in the resource section?
More: http://www.sophos.com/security/blog/2008/11/1919.html
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojantiavd.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentidd.html?_log_from=rss
Aliases Troj/Agen-IDC
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentidc.html?_log_from=rss
Category Suspicious behavior and files
Type Suspicious behavior
Sus/ObfJS-BL is an obfuscated JavaScript within a web page that is likely to exploit vulnerabilities in the browser in order to infect the victim with malware.
http://www.sophos.com/security/analyses/suspicious-behavior-and-files/susobfjsbl.html?_log_from=rss
Discovered: November 4, 2008
Updated: November 4, 2008 7:49:08 AM
Type: Trojan
Trojan.Farfli!SP is a generic detection for variants of the Trojan.Farfli family of Trojans.
http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110407-3120-99
Alert ID : FrSIRT/ALRT-2008-06716
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-04
Description
Technical details and description are not available at this time.
References
http://www.sophos.com/security/analyses/viruses-and-spyware/w32smallemr.html
Credits
Reported by Sophos
Alert ID : FrSIRT/ALRT-2008-06715
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-04
Description
Technical details and description are not available at this time.
References
http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsavp.html
Credits
Reported by Sophos
Alert ID : FrSIRT/ALRT-2008-06714
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-04
Description
Technical details and description are not available at this time.
References
http://www.sophos.com/security/analyses/viruses-and-spyware/trojonlinegbm.html
Credits
Reported by Sophos
Alert ID : FrSIRT/ALRT-2008-06724
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-04
Description
Mal/Sality-A is a file infected by the Sality family of viruses.
References
http://www.sophos.com/security/analyses/viruses-and-spyware/malsalitya.html
Credits
Reported by Sophos
Alert ID : FrSIRT/ALRT-2008-06725
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-04
Description
Mal/Sality-B is a file infected by the Sality family of viruses.
References
http://www.sophos.com/security/analyses/viruses-and-spyware/malsalityb.html
Credits
Reported by Sophos
Alert ID : FrSIRT/ALRT-2008-06737
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-04
Description
Technical details and description are not available at this time.
References
http://www.sophos.com/security/analyses/viruses-and-spyware/trojprostidk.html
Credits
Reported by Sophos
Taking the political temperature through the medium of *****-enlargement promises
By John Leyden ? Get more from this author
Posted in Spam, 4th November 2008
Barack Obama is ahead not only in the polls but where it counts the most - in spam messages. However, his presidential rival John McCain can claim his own guaranteed enlarged small victory.
The Democrat candidate is the topic of 70 per cent more junk mail messages than his Republican counterpart overall. But McCain edges ahead by a ratio of five to four in one important category - pharmacy spam, according to stats from Secure Computing.
So based on the volume of *****-enlargement pill promises the senior senator from Arizona is well ahead of the Illinois whippersnapper.
More: http://www.theregister.co.uk/2008/11/04/us_election_spam_results/
Aliases TrojanSpy:Win32/Gimmiv.A
TrojanSpy:Win32/Gimmiv.A.dll
Category Viruses and Spyware
Type Trojan
Troj/Gimmiv-Gen is a family of Trojans for the Windows platform.
When members of Troj/Gimmiv-Gen are run, the following file is usually dropped:
<System>\wbem\sysmgr.dll
Members of Troj/Gimmiv-Gen typically set the following registry entries to link the dll with svchost.exe:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost
sysmgr
sysmgr
HKLM\SYSTEM\CurrentControlSet\Services\sysmgr\Parameters
ServiceDll
<System>\wbem\sysmgr.dll
HKLM\SYSTEM\CurrentControlSet\Services\sysmgr\Parameters
ServiceMain
ServiceMainFunc
More: http://www.sophos.com/security/analyses/viruses-and-spyware/trojgimmivgen.html?_log_from=rss
Category Viruses and Spyware
Type Exploit
Exp/MS08067-A detects malicious files that exploit a vulnerability in Microsofts Server Service.
A patch for this vulnerability can be obtained from Microsoft at:
http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx
http://www.sophos.com/security/analyses/viruses-and-spyware/expms08067a.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbyd.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzlobaqj.html?_log_from=rss
Category Viruses and Spyware
Type Trojan
Affected operating systems Windows
http://www.sophos.com/security/analyses/viruses-and-spyware/trojzlobaqi.html?_log_from=rss
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic