Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS \ Spyware ALERTS - October 3, 2008

Oct 2, 2008 2:27PM PDT

Discussion is locked

- Collapse -
Troj/Fujif-Gen
Oct 2, 2008 2:28PM PDT
- Collapse -
Troj/FakeAle-HY
Oct 2, 2008 2:29PM PDT
- Collapse -
Troj/Doc-Zip
Oct 2, 2008 2:30PM PDT
- Collapse -
Troj/Dload-DP
Oct 2, 2008 2:31PM PDT
- Collapse -
Troj/BHO-HG
Oct 2, 2008 2:32PM PDT

Category Viruses and Spyware

Type Trojan

Troj/BHO-HG is a Trojan for the Windows platform.

When run, Troj/BHO-HG creates the files:
<System>\retasevo.dll - detected as Troj/BHO-HG
<System>\tesawuzo.dll - detected as Troj/BHO-HG
<System>\kewuziga.dll - detected as Troj/BHO-HG

The following registry entries are set:

HKCR\CLSID\{794cc7e0-a911-4eb7-8e9f-de06450b3747}\InprocServer32\
(default)
<System>\tesawuzo.dll

More: http://www.sophos.com/security/analyses/viruses-and-spyware/trojbhohg.html?_log_from=rss

- Collapse -
Troj/Bckdr-QPL
Oct 2, 2008 2:33PM PDT
- Collapse -
Troj/Agent-HNF
Oct 2, 2008 2:34PM PDT
- Collapse -
Mal/Wintrim-A
Oct 2, 2008 2:35PM PDT
- Collapse -
Mal/EncPk-FJ
Oct 2, 2008 2:36PM PDT
- Collapse -
TROJ_SMALL.MEZ
Oct 2, 2008 2:38PM PDT
- Collapse -
Troj/PWS-AUD
Oct 3, 2008 12:54AM PDT

Category Viruses and Spyware

Type Trojan

Troj/PWS-AUD is a Trojan for the Windows platform.

When run, the following files are created:

<System>\7335775971.cpx (Detected as Troj/PWS-AUD)
<System>\73357759712.CPX (not malicious)
<System>\73357759721.cpx (not malicious)

The following registry entry is set:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32
wave1
7335775971.CPX


http://www.sophos.com/security/analyses/viruses-and-spyware/trojpwsaud.html?_log_from=rss

- Collapse -
Troj/Dloadr-BRP
Oct 3, 2008 12:55AM PDT
- Collapse -
Troj/BHO-HF
Oct 3, 2008 12:56AM PDT
- Collapse -
Troj/Agent-HUX
Oct 3, 2008 12:57AM PDT
- Collapse -
Mal/Mdrop-I
Oct 3, 2008 12:58AM PDT
- Collapse -
Mal/Behav-298
Oct 3, 2008 12:59AM PDT
- Collapse -
W32/Vesic-A
Oct 3, 2008 1:00AM PDT
- Collapse -
W32/Stayt-A
Oct 3, 2008 1:01AM PDT
- Collapse -
Troj/Spy-BA
Oct 3, 2008 1:02AM PDT
- Collapse -
Troj/AutoIt-X
Oct 3, 2008 1:03AM PDT
- Collapse -
HomeKeyLogger Installer
Oct 3, 2008 1:04AM PDT
- Collapse -
HomeKeyLogger
Oct 3, 2008 1:05AM PDT

Category Adware or PUA

Type Unspecified PUA

HomeKeyLogger is a key logging application for the Windows platform.

When HomeKeyLogger is installed the following files are created:

<Start Menu\Programs>\Home Key Logger\Dir.lnk
<Start Menu\Programs>\Home Key Logger\Home Key Logger.lnk
<Start Menu\Programs>\Home Key Logger\Links\Download lastest version.lnk
<Start Menu\Programs>\Home Key Logger\Links\Mail to support.lnk
<Start Menu\Programs>\Home Key Logger\Links\Program's home page.lnk
<Start Menu\Programs>\Home Key Logger\Links\Try Family Key Logger.lnk
<Start Menu\Programs>\Home Key Logger\Other Products.lnk
<Start Menu\Programs>\Home Key Logger\Quick Start.lnk
<Start Menu\Programs>\Home Key Logger\Uninstall.lnk
<Start Menu\Programs>\Home Key Logger\faq.lnk
<Program Files>\HomeKeylogger\FAQ.html
<Program Files>\HomeKeylogger\KeyLogger.Dll - HomeKeyLogger
<Program Files>\HomeKeylogger\KeyLogger.exe - HomeKeyLogger
<Program Files>\HomeKeylogger\Links\Download lastest version.url
<Program Files>\HomeKeylogger\Links\Mail to support.url
<Program Files>\HomeKeylogger\Links\Program's home page.url
<Program Files>\HomeKeylogger\Links\Try Family Key Logger.url
<Program Files>\HomeKeylogger\OtherProducts.html
<Program Files>\HomeKeylogger\QuickStart.html
<Program Files>\HomeKeylogger\bg1.gif
<Program Files>\HomeKeylogger\fkllogo.gif
<Program Files>\HomeKeylogger\license.txt
<Program Files>\HomeKeylogger\readme.txt
<Program Files>\HomeKeylogger\uninstall.exe

More: http://www.sophos.com/security/analyses/adware-and-puas/homekeylogger.html?_log_from=rss

- Collapse -
Adware-Cinmus!FDE974A3
Oct 3, 2008 1:36AM PDT

Type Program SubType Adware

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose, but they alter the security state of the computer on which they are installed, or the privacy posture of the user of the system, such that most users will want to be aware of them.

http://vil.mcafeesecurity.com/vil/content/v_151691.htm

- Collapse -
Adware.NaviPromo.Gen.2
Oct 3, 2008 1:37AM PDT

( Skintrim.gen, Trojan:Win32/Skintrim, Win32:ScarMorph )

SYMPTOMS:

Pop-ups advertisements may appear. Some versions create %SYSTEM%\nvs2.inf file.


TECHNICAL DESCRIPTION:

The Adware.NaviPromo malware family is an advanced and difficult-to-detect adware that runs silently on the infected computer. It uses rootkit techniques to hide its files on disk and memory. It also hides its registry entries.

http://www.bitdefender.com/VIRUS-1000408-en--Adware.NaviPromo.Gen.2.html

- Collapse -
Adware-Fastlook!A2E29364
Oct 3, 2008 1:38AM PDT

Type Program SubType Adware

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose, but they alter the security state of the computer on which they are installed, or the privacy posture of the user of the system, such that most users will want to be aware of them.

Avert

- Collapse -
Adware-Fastlook!39E39576
Oct 3, 2008 1:39AM PDT

Type Program SubType Adware

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose, but they alter the security state of the computer on which they are installed, or the privacy posture of the user of the system, such that most users will want to be aware of them.

Avert

- Collapse -
Adware-Cinmus!A39C7525
Oct 3, 2008 1:40AM PDT

Type Program SubType Adware

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose, but they alter the security state of the computer on which they are installed, or the privacy posture of the user of the system, such that most users will want to be aware of them.

Avert

- Collapse -
PWS-OnlineGames.y.dr!3AC1B55D
Oct 3, 2008 1:41AM PDT

Type Trojan SubType Password

Overview -

This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include e-mail, malicious or hacked Web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.


Characteristics
Characteristics -

File Property Property Value
FileName sample.exe

http://vil.mcafeesecurity.com/vil/content/v_151703.htm

- Collapse -
Generic PUP.x!9A46D1DF
Oct 3, 2008 1:42AM PDT

Type Program

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose, but they alter the security state of the computer on which they are installed, or the privacy posture of the user of the system, such that most users will want to be aware of them.

File Property Property Value
FileName 6.exe

http://vil.mcafeesecurity.com/vil/content/v_151701.htm

- Collapse -
Generic PUP.x!8C416C8F
Oct 3, 2008 1:43AM PDT

Type Program

This software is not a virus or a Trojan. It is detected as a "potentially unwanted program" (PUP). PUPs are any piece of software that a reasonably security- or privacy-minded computer user may want to be informed of and, in some cases, remove. PUPs are often made by a legitimate corporate entity for some beneficial purpose, but they alter the security state of the computer on which they are installed, or the privacy posture of the user of the system, such that most users will want to be aware of them.

File Property Property Value
FileName 6.exe

http://vil.mcafeesecurity.com/vil/content/v_151705.htm