Contact Us for a free antivirus trial to the end of this month.
Add "Virus Trial" to the Comments area.
Most recent malware, computer viruses, worms, Trojan horses, spyware and adware.
Trojan.Packed.14 Trojan.Arkid W32.Gammima W32.Zhosu@mm W32.Mumawow.A!inf W32.Mumawow.A W32.Sality.Y W32.Sality.Y!inf VBS.Agui.A Trojan.Flush.L W32.Fujacks.BH W32.Looked.BK!gen Trojan.Hidexls Backdoor.Mydopam VBS.Nopay W32.Vibmaru W32.Messmulti Backdoor.Ranky.Y VBS.Runauto Infostealer.Lingling.B W32.Rinbot.Y W32.Rinbot.V W32.IRCBot.BPP W32.Virut!dam W32.Rinbot.T Trojan.Syginre Backdoor.Shangxing Hacktool.Wpixiz W32.Wowlook@mm Trojan.Mixpel VBS.Solow.E W32.Virut.B Trojan.Bayrob Trojan.Metajuan W32.Rinbot.L VBS.Solow.D W32.Takeobel Solaris.Wanukdoor Solaris.Wanuk.Worm W32.SillyFDC Trojan.Zlob.M VBS.Solow.C W32.Rokid W32.Rinbot.H W32.Rinbot!gen Backdoor.Bifrose.J Trojan.Pirlames.B Trojan.Haradong.B W32.Rinbot.E W32.Rinbot.F W32.Culler.A Trojan.Pirlames W32.Rinbot.B W32.Rinbot.C W32.Rinbot.D Bloodhound.Exploit.119 VBS.Solow.B Backdoor.Lamer W32.Reyds.A
Trojan.Packed.14 March 23, 2007
Type: Trojan
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
A packer is a tool that compresses, encrypts or obfuscates Windows PE files. Malware authors often use packers to conceal threats from detection by antivirus software. Trojan.Packed.14 detects a packer that is not known to be used for legitimate purposes.
Files that are detected as Trojan.Packed.14 may be malicious.
Contact Us for a free antivirus trial to the end of this month.
Add "Virus Trial" to the Comments area.
W32.Fujacks.BH March 14 2007
Also Known As: W32/Fujacks.z [McAfee], W32/Fujacks.dll [McAfee]
Type: Virus,
Worm Infection Length: 80,384 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Once executed, the worm copies itself as the following files:
%System%\[RANDOM].dll
%System%\[RANDOM].exe
The worm injects itself into the following processes:
Explorer.exe
Services.exe
Winlogon.exe
The worm attempts to download a file from the following URL:
[http://]www.lovesa.info/logo[REMOVED]
Note: At the time of writing, the file was unavailable.
The worm scans the compromised computer and prepends itself to .exe and .scr files. It avoids infecting files located in the following folders:
ComPlus Applications
Common Files
Delphi
Internet Explorer
Messenger
Microsoft Frontpage
Movie Maker
NetMeeting
Online Services
Outlook Express
RECYCLER
System Volume Information
System32
Temp
WINNT
WIndows Media Player
WIndows NT
WinRAR
Windows
Note: Executable files increase in size by 80,384 bytes.
The worm also appends a reference to the domain www.lovesa.info into all files it finds with the following extensions:
.asa
.asp
.aspx
.bat
.cdx
.cer
.css
.htm
.html
.inc
.jsp
.php
Uses the following list of passwords in attempt to copy itself to available network shares:
000000
00000000
1
110
111
111111
11111111
12
120
121212
123
123123
123321
1234
12345
123456
1234567
12345678
123456789
1234qwer
123abc
123asd
123qwe
2000
2004
2005
2006
2007
2008
2k
321
4321
5021314
520
5201314
520520
54321
654321
88888
88888888
999999
Admin
Administrator
Password
Root
abc
abc123
abcd
abcd123
admin
admin123
administrator
adsl
asdf
asdf123
bye
byebye
cctv
china
computer
data
database
date
enable
foobar
fuck
fuckyou
ghost
god
godblessyou
goodbye
guest
guest123
guest321
hao123
happy
home
ihavenopass
iloveyou
internet
japan
kaonima
live
login
love
loveyou
mylove
mypass
mypass123
no
oracle
pass
passwd
password
pwd
qq
qwer
root
sa
server
sex
super
sybase
temp
temp123
test
test123
user
users
wangba
window
windows
windows2000
windows2003
windowsxp.
xp
xxx
yxcv
zxcv
The worm then attempts to copy itself as one of the following filenames:
FuckJacks.exe
Logo1_.exe
Logo_1.exe
Rundl132.exe
c0nime.exe
iexpl0re.exe
nvscv32.exe
spoclsv.exe
svch0st.exe
Contact Us for a free antivirus trial to the end of this month.
Add "Virus Trial" to the Comments area.
What is malware?
Malware is software designed to infiltrate or damage a computer system, without the owner's consent. The term is a combination of "mal-" (or perhaps "malicious") and "software", and describes the intent of the creator, rather than any particular features. Malware is commonly taken to include computer viruses, worms, Trojan horses, spyware and adware. In law, malware is sometimes known as a computer contaminant.
Malware should not be confused with defective software, that is, software which has a legitimate purpose but contains errors or bugs.
Most Prevalent Global Malware
(from December 10 2006 to January 02 2007)
W32.Mixor.Q@mm - W32.Mediasups - Trojan.Cinmeng - W32.Ridnu.B - W32.Rungbu.C - W32.Nujama - Trojan.Caiijing -W32.Spybot.AMTE -
W32.Jhad
W32.Tanexor.A
W32.Koddro@mm
Bloodhound.Olexe
Trojan.Lydra
W32.Bakain
Trojan.Coldung
W32.Chatosky
Trojan.Dowiex!inf
W32.Pagipef.B
W32.Stration.EL@mm
W32.Memesa
Backdoor.Wualess.B
Bloodhound.Exploit.
W32.Sagevo
Trojan.Iesguide
Trojan.Daum
Trojan.Mdropper.U
Trojan.Mdropper.T
Trojan.Shipli 12-13-2006
W32.Dizan
Trojan.Skintrim
W32.Yautoit.N
Trojan.Huanux
Bloodhound.Exploit.106
Bloodhound.Exploit.104
Bloodhound.Exploit.103
Bloodhound.Exploit.102
Bloodhound.Exploit.101
W32.Selfish 12-11-2006
Bloodhound.Exploit.105
Most Prevalent Global Malware
(from November 10 2006 to December 10 2006)
Infostealer.Aobys
W97M.Mxfile.M
W32.Kelvir.LS
Trojan.Booha
Trojan.Goldun.L!inf
Trojan.Goldun.L
Bloodhound.Packed.8
Bloodhound.Packed.7
Bloodhound.Packed.6
Bloodhound.Packed.5
Bloodhound.Packed.4
W32.Windang.A
W32.Imaut.S
Downloader.Realog
Downloader.Sniper
W32.Fujacks.D
W32.Mixor.K@mm
Downloader.Looked
W32.Fujacks.C
W32.Medbot.A
JS.Qspace
W32.Hitapop
Trojan.Horst
W32.Yalove
W32.Fujacks.B
W32.Looked.BK
W32.Spybot.ACYR
VBS.Zodgila
Infostealer.Perfwo.B
Bloodhound.Exploit.100
Backdoor.Singu.C
W32.Pardona.A@mm
W32.Stration.EC@mm
W32.Mixor.I@mm
Trojan.SpamThru
W32.Spybot.ALRD
Bloodhound.KillAV
W32.Pagipef
Trojan.Realor
W32.Sality.V!inf
Trojan.Popwin
W32.Sality.V
Bloodhound.Exploit.99
W32.Wantok
Trojan.Sevensaw
W32.Tellsky
W64.Abul
W32.Fujacks.A
Backdoor.Bias
W32.Lecna.D
Infostealer.Gampass
Trojan.StartPage.R
|