Mal/TDSSPack-G

Mal/TDSSPack-G is a malicious trojan virus that typically penetrates a computer system via security or browser exploits and goes unseen once inside. Mal/TDSSPack-G then begins fulfilling its functions, further compromising the machine: it downloads and requests files from the Internet without user permission and modifies some system settings in ways that could negatively affect the overall security state of the system. Mal/TDSSPack-G may also create a registry entry that causes the parasite to begin running as soon as Windows starts up. Most important to note, however, is that Mal/TDSSPack-G typically transmits valuable information, such as personal and financial data, to a remote unauthorized user while downloading additional malware onto the system.

Posted on July 16, 2009 in Trojans

Trojan.Win32.Monder.cqbi

Trojan.Win32.Monder.cqbi is a malicious trojan virus that typically penetrates a computer system via security or browser exploits and goes unseen once inside. Trojan.Win32.Monder.cqbi then begins fulfilling its functions, further compromising the machine: it downloads and requests files from the Internet without user permission and modifies some system settings in ways that could negatively affect the overall security state of the system. Trojan.Win32.Monder.cqbi may also create a registry entry that causes the parasite to begin running as soon as Windows starts up. Most important to note, however, is that Trojan.Win32.Monder.cqbi typically transmits valuable information, such as personal and financial data, to a remote unauthorized user while downloading additional malware onto the system.

Posted on July 16, 2009 in Trojans

Bloodhound.Exploit.213

Bloodhound.Exploit.213 is unintentionally installed onto a computer by visiting a web site that hosts infected advertisements. Bloodhound.Exploit.213 is a generic detection for malicious files that propagate by exploiting the JavaScript Function Stack Buffer Overflow vulnerability found in Adobe Reader. In addition to this, Bloodhound.Exploit.213 attempts to download more malware threats onto the infected computer.

Posted on July 16, 2009 in Trojans

W32.IRCBot

W32.IRCBot is a backdoor trojan that is typically spread via an infected email attachment. Unsuspecting users opening this attachment will find themselves immediately infected with this virus. Once active, W32.IRCBot attempts to connect to an IRC server and await commands from an unauthorized remote user, who will inevitably seek to take control of the infected computer.

Posted on July 16, 2009 in Backdoors

Win32.Virut.56

Win32.Virut.56 is a trojan that usually spreads by infecting .exe and .scr files on a computer and through network-shared resources. Originating from the Virut family of trojans, Win32.Virut.56 may prove incredibly difficult to remove. Win32.Virut.56 may in fact corrupt the Windows operating system because it tends to infect most of the system files, and cleaning has proven ineffective.

Posted on July 16, 2009 in Trojans

Downloader.Generic_c.AHI

Downloader.Generic_c.AHI is yet another variant originating from the Generic Downloader family, and should thus be taken very seriously. Downloader.Generic_c.AHI typically spreads via email, malicious or hijacked web pages, Internet Relay Chat (IRC) and peer-to-peer (P2P) networks. Once installed onto a computer, Downloader.Generic_c.AHI retrieves files from a remote server and executes them on the compromised machine; the retrieved file is typically a password-stealing component.

Posted on July 16, 2009 in Trojans

Win32/Virut.NBK

Win32/Virut.NBK is a trojan virus that typically infiltrates a computer by altering file names in the registry and installing numerous malware programs onto the infected system. Once installed, Win32/Virut.NBK may activate corrupt .exe and .dll files and download additional malware threats onto the computer. Win32/Virut.NBK is usually spread via infected email attachments, pornographic web sites and dubious file-sharing and shareware downloads.

Posted on July 16, 2009 in Trojans

Twitter's Security Woes and Meltdowns

Over the past few months Twitter has faced many security-related problems, ranging from hackers obtaining the login credentials of Twitter users to malicious tweets linking users to web sites that spread malware. If the current security issues that plague Twitter are not resolved soon, they will more than likely come back to haunt the company in the near future and possibly hinder its growth. How does Twitter reaffirm to its users that it provides a safe service when every other week a famous or well-known person's Twitter account gets hacked or private documents get posted repeatedly? Not only do accounts get hacked, but attackers use Twitter to spread malware infections such as the recent Koobface worm. Third-party services that attempt to make the Twitter experience better have been used by attackers to gain access...

Posted on July 15, 2009 in Computer Security

W32.SillyFDC.BCE

W32.SillyFDC.BCE is a worm that spreads via removable hard drives from computer to computer, lowering security settings by altering the registry entries related to antivirus programs and firewalls as soon as it is active. W32.SillyFDC.BCE may also create its own entry in order to begin running as soon as Windows starts up. W32.SillyFDC.BCE may also block security-related web sites.

Posted on July 15, 2009 in Worms

Rustock SpamBOT

Rustock SpamBOT is a trojan that causes the IP address of a computer to be included on the IP blacklist provided on specialized internet resources. This may leave the user unable to access certain essential computer system functions and may limit the scope of internet services available.

Posted on July 15, 2009 in Trojans

Antispy.microsoft.com

Antispy.microsoft.com is a browser hijacker promoting the rogue anti-spyware application known as Antivirus System PRO. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Antispy.microsoft.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Antivirus System PRO.

Posted on July 15, 2009 in Rogue Websites

W32.Slegon

W32.Slegon (also known as W32/Slegon.Worm) is a worm that spreads via removable storage devices and mapped network drives. Once active, W32.Slegon attempts to connect to a remote server in order to download additional malware onto the infected computer system. W32.Slegon may also modify registry entries in order to begin running as soon as Windows starts up.

Posted on July 15, 2009 in Worms

Win32/Pdfjsc.AV

Win32/Pdfjsc.AV is a trojan virus that may exploit the many varying weaknesses in PDF (Portable Document Format) files on a computer in order to command the associated browser hijackers that connect infected computer systems to specified websites. These websites then deliver commercial malware, such as rogue anti-spyware programs, onto the computer either by coercing users to manually download and install adware or to pay immediately to install full versions, or by dropping the adware from a backdoor if the malware contains relevant prohibited malicious scripts.

Posted on July 14, 2009 in Trojans

Pcsecurity-2009.com

Pcsecurity-2009.com is a browser hijacker promoting the rogue anti-spyware application known as PC Security 2009. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Pcsecurity-2009.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover PC Security 2009.

Posted on July 14, 2009 in Rogue Websites

Trojan.Rustock

Trojan.Rustock (variants Trojan.Rustock-N and Trojan.Rustock-B) is a virus that has many functions, though some have yet to be studied. Trojan.Rustock may support the download of additional malware using the method of browser hijacking, causing the browser to launch numerous fake security alerts in an attempt to intimidate the user into believing that the system is infected. Trojan.Rustock has also been named by mailing services as one of the reasons why mail cannot be received from specific IP addresses.

Posted on July 14, 2009 in Trojans