© 2009 System-Protector.com All Rights Reserved.
Discovered on 24th November 2008, W32/Conficker.worm is a worm that exploits the MS08-067 (Microsoft Windows Server Service Vulnerability (958644)) vulnerability in order to spread. This malware mostly spreads within corporations but was also reported by several hundred home users. Once the remote computer is exploited, that computer will download a copy of the worm via HTTP using the random port opened by the worm.
W32/Xirtem@MM is a mass-mailing worm that also spreads through removable media using autorun.inf, and by copying itself to the shared folders of peer-to-peer applications. It also has mass-mailing capabilities. The worm sends e-mails with a copy of itself attached to e-mail addresses harvested from the system. It uses the following "Subject", "Attachment Name" and "From address" combinations for these e-mails.
FakeAlert-BF.dr is a trojan that displays misleading alerts to persuade the user to buy a product to "repair" malware problems. This trojan may mask its malicious behavior, and victims are likely to have installed it thinking it is an antivirus program. This is done to persuade the user into purchasing a full version of the antivirus software “Rapid Antivirus 2.7” to clean the malware that the trojan falsely detected.
BackDoor-DTA is a trojan that provides remote access capabilities to an attacker by opening a backdoor on the compromised machine. This is usually propagated via emails. The backdoor connects via HTTP to the following site(s) to notify the attacker, and waits for commands.
Discovered on 31st January 2007, Generic!atr is a Trojan classified as a generic detection for a configuration text file (autorun.inf) used by many worms. This file is usually dropped onto the root of all removable drives and mapped drives in an attempt to autorun an executable when the drive is accessed.
Generic.dx!707DA3A8 is a Trojan, mainly a password stealer, with a size of 22,016 bytes. This malware attempts to obtain password information when users browse to certain Web sites by disguising itself as a Firefox plugin. Once executed, this malware attempts to obtain credentials through affected host browsers.
Discovered on 5th December 2008, W32/Renocide is a worm that spreads via removable media using "autorun.inf" to facilitate its execution when connected to another computer. Later it connects to various websites and downloads additional malware files.
Win32/FakeAV is a family of trojans disguised as legitimate anti-virus and anti-spyware software. FakeAV variants prompt the user with false warnings, popups, and fake scan results, and may also download additional malware.
W32.Winemmem!inf is a virus that infects .dll files. It copies the .dll files to the same folder that contains the .exe file and infects the copied .dll so that malicious code is executed whenever any of the .exe files run. The virus then hooks the Send API in order to access the sites whenever an application uses the Send API.
W32.Redlofs propagates on fixed, network and removable drives by creating a copy of itself via the autorun.inf file. It uses the standard Windows folder icon as its own icon to confuse users. The worm also searches for folders and sets them to hidden. It hides files and file extensions by setting the attributes to hidden by default and then copies itself to that location as the following file: [FOLDER NAME].exe.
Discovered on the 13th of November 2008, OSX.Lamzev.A is a trojan horse created for Mac OS X systems that opens a back door port and allows remote access to the infected computer. The Trojan opens a command shell, which allows a user to select an application and a port number. The chosen application can then be used as a back door, which allows a remote attacker to gain access to the compromised computer.
QHosts-113 is a Trojan that modifies the Windows hosts file, denying access to security vendor websites by redirecting them to the localhost IP. It redirects the victim's browsing to a specific website and prevents users from downloading updates. In this case it redirects all security vendor websites, including their signature update sites, to localhost, thereby denying the updates.
Other latest viruses include: