Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS \ Spyware ALERTS - October 30, 2008

by Marianna Schmudlach Oct 29, 2008 3:06PM PDT

Discussion is locked

31 - 60 of 44 Posts
- Collapse + Expand Details
- Collapse -
Troj/Agent-ICK
by Marianna Schmudlach Oct 30, 2008 6:07AM PDT
- Collapse -
Troj/Agent-ICJ
by Marianna Schmudlach Oct 30, 2008 6:08AM PDT

Category Viruses and Spyware

Type Trojan

Troj/Agent-ICJ is a Trojan for the Windows platform.

Troj/Agent-ICJ includes functionality to access the internet and communicate with a remote server via HTTP.

When first run Troj/Agent-ICJ copies itself to <Program Files>\Microsoft Common\wuauclt.exe.

The following registry entry is changed to run wuauclt.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe
Debugger
<Program Files>\Microsoft Common\wuauclt.exe

http://www.sophos.com/security/analyses/viruses-and-spyware/trojagenticj.html?_log_from=rss

- Collapse -
Statements, reports, tracking numbers and tickets
by Marianna Schmudlach Oct 30, 2008 6:12AM PDT

Thursday, October 30, 2008

Over the last 48 hours we've seen a huge increase in ZIP'd malicious email attachments being spammed. The subjects have been:

Your Tracking #xxxxxxxx (where xxxxxxx is a random number)
New Ticket #xxxxx (where xxxxx is a random number)
Accounts Operations Report
Your Statement between 1/1/08 and 10/30/08


The ZIP file typically contains a file that looks like a document (.DOC) but it is really an EXE, there's just a lot of whitespaces between .DOC and .EXE.

More: http://www.f-secure.com/weblog/

- Collapse -
TROJ_BANLOAD.JC.
by Marianna Schmudlach Oct 30, 2008 7:06AM PDT

Portuguese YouTube Spam Leads Users To Japan, Then To Malware

Our honeypots captured spammed email messages, written in Portugese, supposedly coming from the popular video sharing website YouTube.

More: http://blog.trendmicro.com/

- Collapse -
TROJ_CHOST.E
by Marianna Schmudlach Oct 30, 2008 7:07AM PDT

Popular Mexican News Anchor Died!

At least that?s what a new spam run tells you.

Email messages claiming to be from Esmas, the largest television network in Mexico and also the world?s largest producer of Spanish language media, inform users that Joaqu

- Collapse -
Troj/FakeAV-FS
by Marianna Schmudlach Oct 30, 2008 7:26AM PDT

Category Viruses and Spyware

Type Trojan

Troj/FakeAV-FS is a Trojan for the Windows platform.

Troj/FakeAV-FS includes functionality to access the internet and communicate with a remote server via HTTP.

The following registry entry is created to run Troj/FakeAV-FS on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
InstallProgram
<pathname of the Trojan executable>

Registry entries are created under:

HKCU\Software\Solt Lake Software\Pro Antispyware 2009

http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavfs.html?_log_from=rss

- Collapse -
Troj/BHO-HB
by Marianna Schmudlach Oct 30, 2008 7:27AM PDT
- Collapse -
Troj/Agent-ICF
by Marianna Schmudlach Oct 30, 2008 7:28AM PDT
- Collapse -
Troj/Zlob-AQC
by Marianna Schmudlach Oct 30, 2008 11:02AM PDT
- Collapse -
Troj/FakeVir-GW
by Marianna Schmudlach Oct 30, 2008 11:03AM PDT
- Collapse -
Troj/FakeAl-C
by Marianna Schmudlach Oct 30, 2008 11:04AM PDT
- Collapse -
Troj/Dwnldr-HJU
by Marianna Schmudlach Oct 30, 2008 11:05AM PDT
- Collapse -
Mal/Zlob-AC
by Marianna Schmudlach Oct 30, 2008 11:06AM PDT
- Collapse -
MSN Hook Library
by Marianna Schmudlach Oct 30, 2008 11:07AM PDT
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info