Saturday, May 27, 2006

Virus Updates for May 26th, 2006

DAT Version: 4771
DAT Release Date: 5-26-2006
Threats Detected: 192,871
New Detections: 6
Enhanced Detections: 145

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections
Program (1)
  Dropper (1)
    Emando.dr
Trojan (2)
  Downloader (1)
    Downloader-AWP
  Win32 (1)
    Spy-Agent.az
Virus (3)
  E-mail (2)
    W32/Mytob.ih@MM
    W32/Mytob.ii@MM
  Win32 (1)
    W32/Sality.u

Enhanced detections
Internet Worm (1)
  Win32 (1)
    W32/Browaf.worm
Malware (1)
  Win32 (1)
    Exploit-Mydoom
Program (4)
   (1)
    VText.3c
  Keylogger (1)
    Keylog-CN
  Malware Tool (1)
    VTool/fake
  Win32 (1)
    ServU-Daemon
Trojan (44)
   (3)
    Generic BackDoor.bb
    Generic Downloader.ao
    Generic Proxy.h
  Application extension (2)
    PWS-Legmir.dll
    StartPage-DH.dll
  Configurator (1)
    BackDoor-CEP.cfg
  Demonstration (1)
    JS/Exploit-DragDrop.b.demo
  Downloader (5)
    PWS-Banker.dldr
    Downloader-ZQ
    Downloader-ASH
    Downloader-ACR
    Downloader-AWM
  Dropper (3)
    BackDoor-CKB.dr
    BackDoor-CEP.dr
    Spam-DComServ.dr
  Exploit (2)
    Exploit-DcomRpc
    Exploit-MS04-011
  Generic (5)
    Exploit-OleData.gen
    PWS-Banker.gen.bb
    BackDoor-CKB.gen
    Exploit-MS06-004.gen
    JS/Exploit-DragDrop.b.gen
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  HTML (1)
    JS/Winbomb
  Password Stealer (5)
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Goldun.sys
    PWS-Banker.bh
    PWS-Banker.au
  Proxy (1)
    Proxy-Agent.a
  Remote Access (5)
    BackDoor-AMQ
    BackDoor-AWQ.b
    BackDoor-CKB.sys
    BackDoor-CMQ
    BackDoor-CEP
  StartPage (1)
    StartPage-DH
  Win32 (8)
    Generic Downloader.a
    Puper
    Generic Downloader.bb
    Generic BackDoor.bc
    Swizzor
    Generic PWS.o
    Generic BackDoor.u
    Generic Downloader.ab
Virus (95)
  Damaged (1)
    W32/Mytob.dam
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  E-mail (3)
    W32/Mytob.ig@MM
    W32/Mytob.gr@MM
    W32/Banwarum.dll
  Email (72)
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.ew@MM
    W32/Mytob.ie@MM
    W32/Mytob.fa@MM
    W32/Mytob.ft@MM
    W32/Mytob.fs@MM
    W32/Mytob.aw@MM
    W32/Mytob.fr@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.bd@MM
    W32/Mytob.id@MM
    W32/Mytob.fu@MM
    W32/Mytob.fw@MM
    W32/Mytob.fv@MM
    W32/Mytob.ge@MM
    W32/Mytob.go@MM
    W32/Mytob.bu@MM
    W32/Mytob.bq@MM
    W32/Mytob.by@MM
    W32/Mytob.cq@MM
    W32/Mytob.ck@MM
    W32/Mytob.fz@MM
    W32/Mytob.gf@MM
    W32/Mytob.gn@MM
    W32/Mytob.gp@MM
    W32/Mytob.cw@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.gm@MM
    W32/Mytob.gs@MM
    W32/Mytob.m@MM
    W32/Mytob.bs@MM
    W32/Mytob.de@MM
    W32/Mytob.cb@MM
    W32/Mytob.do@MM
    W32/Mytob.dl@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.y@MM
    W32/Mytob.cr@MM
    W32/Mytob.cl@MM
    W32/Mytob.ci@MM
    W32/Mytob.cx@MM
    W32/Mytob.cy@MM
    W32/Mytob.dn@MM
    W32/Mytob.ei@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.dw@MM
    W32/Mytob.dv@MM
    W32/Mytob.du@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.hq@MM
    W32/Mytob.eg@MM
    W32/Mytob.ho@MM
    W32/Mytob.hn@MM
    W32/Mytob.hk@MM
    W32/Mytob.hm@MM
    W32/Mytob.hj@MM
    W32/Mytob.ha@MM
    W32/Mytob.em@MM
    W32/Mytob.en@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Exploit (1)
    Exploit-MS04-11
  Generic Worm (10)
    W32/IRCbot.worm.gen
    W32/Spybot.worm.gen.bx
    W32/Opanki.worm.gen
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.bk
    W32/Sdbot.worm.gen.ai
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.ac
  Win32 (4)
    New Poly Win32
    W32/Sality.r
    W32/Sality.t
    W32/Sality.s
  Worm (2)
    W32/MoonLight.worm
    W32/Opanki.worm

Thursday, May 25, 2006

Virus Updates for May 25th, 2006

DAT Version: 4770
DAT Release Date: 5-25-2006
Threats Detected: 192,769
New Detections: 15
Enhanced Detections: 147

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections
Internet Worm (1)
  Win32 (1)
    W32/Browaf.worm
Trojan (11)
  Application extension (1)
    BackDoor-CZZ.dll
  Downloader (2)
    W97M/Downloader-AWO
    Downloader-AWN
  Dropper (2)
    BackDoor-CVT.dr
    MultiDropper-QR
  ProcKill (1)
    ProcKill-DS
  Proxy (1)
    Proxy-Agent.aw
  Remote Access (3)
    BackDoor-DAA
    BackDoor-CZZ
    BackDoor-CZY
  Win32 (1)
    APStrojan.ub
Virus (3)
  E-mail (2)
    W32/Banwarum@MM
    W32/Banwarum.dll
  Win32 (1)
    W32/Madangel.a

Enhanced detections
Program (4)
  Adware (2)
    Adware-PigSearch
    Adware-Newweb
  Spyware (2)
    Spyware-SpyAgent
    Spyware-Realtime-Spy
Trojan (59)
   (1)
    Generic BackDoor.d
  Application extension (4)
    Downloader-AUE.dll
    PWS-Goldun.dll
    PWS-Banker.ar.dll
    PWS-Banker.dll
  Configurator (2)
    PWS-QQPass.cfg
    BackDoor-CEP.cfg
  Downloader (8)
    Downloader-AFW
    PWS-Banker.dldr
    Downloader-ATM!CME-934
    Downloader-ATM!CME-503
    Downloader-ZQ
    Downloader-ATM
    Downloader-ASH
    Downloader-AWM
  Dropper (4)
    BackDoor-CEP.dr
    Puper.dr
    MultiDropper-MY
    Spam-DComServ.dr
  Exploit (4)
    Exploit-CodeBase.chm
    Exploit-WMF.b
    Exploit-WMF.c
    Exploit-WMF
  Generic (3)
    Exploit-OleData.gen
    APSTrojan.ua.gen
    PWS-Banker.gen.ab
  Heuristic (2)
    New Malware.u
    New Malware.j
  Password (1)
    PWS-QQPass
  Password Stealer (7)
    Generic PWS.e
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Banker.bh
    PWS-Banker.au
    PWS-WoW
    PWS-Lineage
  Proxy (2)
    Proxy-Agent.a
    Proxy-Piky
  Remote Access (7)
    BackDoor-AWQ.b
    BackDoor-CCT
    BackDoor-CKB.sys
    Generic BackDoor.l
    BackDoor-CMQ
    BackDoor-CYY
    BackDoor-CEP
  Script (1)
    Generic Downloader.z
  StartPage (1)
    StartPage-ID
  Win32 (12)
    DollarRevenue
    Generic Uploader.a
    Puper
    Generic Downloader.af
    APSTrojan.ua
    Generic Downloader.k
    Generic Downloader.u
    Generic Dropper.ad
    Swizzor
    Generic BackDoor.u
    AdClicker-DW
    Generic AdClicker.d
Virus (84)
  Damaged (1)
    W32/Mytob.dam
  E-mail (1)
    W32/Mytob.gr@MM
  Email (72)
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.ew@MM
    W32/Mytob.ie@MM
    W32/Mytob.fa@MM
    W32/Mytob.ft@MM
    W32/Mytob.fs@MM
    W32/Mytob.aw@MM
    W32/Mytob.fr@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.bd@MM
    W32/Mytob.id@MM
    W32/Mytob.fu@MM
    W32/Mytob.fw@MM
    W32/Mytob.fv@MM
    W32/Mytob.ge@MM
    W32/Mytob.go@MM
    W32/Mytob.bu@MM
    W32/Mytob.bq@MM
    W32/Mytob.by@MM
    W32/Mytob.cq@MM
    W32/Mytob.ck@MM
    W32/Mytob.fz@MM
    W32/Mytob.gf@MM
    W32/Mytob.gn@MM
    W32/Mytob.gp@MM
    W32/Mytob.cw@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.gm@MM
    W32/Mytob.gs@MM
    W32/Mytob.m@MM
    W32/Mytob.bs@MM
    W32/Mytob.de@MM
    W32/Mytob.cb@MM
    W32/Mytob.do@MM
    W32/Mytob.dl@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.y@MM
    W32/Mytob.cr@MM
    W32/Mytob.cl@MM
    W32/Mytob.ci@MM
    W32/Mytob.cx@MM
    W32/Mytob.cy@MM
    W32/Mytob.dn@MM
    W32/Mytob.ei@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.dw@MM
    W32/Mytob.dv@MM
    W32/Mytob.du@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.hq@MM
    W32/Mytob.eg@MM
    W32/Mytob.ho@MM
    W32/Mytob.hn@MM
    W32/Mytob.hk@MM
    W32/Mytob.hm@MM
    W32/Mytob.hj@MM
    W32/Mytob.ha@MM
    W32/Mytob.em@MM
    W32/Mytob.en@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Generic Worm (6)
    W32/Sdbot.worm.gen.as
    W32/Sdbot.worm.gen.w
    W32/Sdbot.worm.gen.bg
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.by
    W32/Gaobot.worm.gen.by
  Win32 (1)
    New Win32.g1
  Worm (2)
    W32/Antinny.worm.ab
    W32/Antinny.worm.aa

Virus Updates for May 24th, 2006

DAT Version: 4769
DAT Release Date: 5-24-2006
Threats Detected: 192,662
New Detections: 20
Enhanced Detections: 181

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections
Program (1)
  Dropper (1)
    Spyware-Realtime-Spy.dr
Trojan (13)
   (5)
    SymbOS/Multidropper.bq!sis
    SymbOS/Multidropper.bo!sis
    SymbOS/Multidropper.bp!sis
    SymbOS/Multidropper.bs!sis
    SymbOS/Multidropper.br!sis
  Application extension Generi (1)
    Puper.dll.gen
  Downloader (2)
    Downloader-AWL
    Downloader-AWM
  Generic (2)
    Exploit-OleData.gen.gen
    Exploit-VBE.gen
  Heuristic (1)
    New Downloader.b
  Remote Access (2)
    BackDoor-CZW
    BackDoor-CZX
Virus (6)
  Application extension (1)
    W32/Sality.t.dll
  Email (1)
    W32/Mytob.ie@MM
  Parasitic (2)
    W32/HLLP.Philis.r
    W32/HLLP.82432
  Win32 (2)
    W32/Fontra.a
    W32/Sality.t

Enhanced detections
Program (9)
   (1)
    Generic PUP.a
  Adware (1)
    Adware-LinkMaker
  Configuration settings (1)
    ServU.ini
  Dialer (2)
    Dialer-Generic.e
    Dialer-Generic.f
  Downloader (1)
    Downloader-FL
  Internet Relay Chat (1)
    IRC/Client
  Spyware (1)
    Spyware-Realtime-Spy
  Win32 (1)
    Generic Dialer.ba
Trojan (68)
   (12)
    Generic Downloader.o
    SymbOS/Multidropper.bf!sis
    Generic Downloader.bd
    Ceegar
    SymbOS/Multidropper.bj!sis
    SymbOS/Multidropper.bh!sis
    SymbOS/Multidropper.bn!sis
    Generic BackDoor.bb
    SymbOS/Multidropper.bl!sis
    SymbOS/Multidropper.bk!sis
    SymbOS/Multidropper.bi!sis
    SymbOS/Multidropper.bg!sis
  AOL Password (1)
    PWS-AOLFake
  Configurator (2)
    Iroffer.cfg
    BackDoor-CEP.cfg
  Damaged (1)
    BackDoor-AWQ.b.dam
  Downloader (4)
    PWS-Banker.dldr
    Downloader-ZQ
    Downloader-ASH
    Downloader-ACR
  Dropper (3)
    BackDoor-CKB.dr
    BackDoor-CEP.dr
    PWS-Goldun.dr
  Exploit (1)
    Exploit-ITSSHeap
  Flooder (1)
    FDoS-AIMPunt
  Generic (4)
    Exploit-OleData.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.b
    ServU-Daemon.gen.ba
  Heuristic (3)
    New Malware.n
    New Malware.u
    New Malware.j
  Internet Relay Chat (1)
    IRC/Flood.cg
  Password (3)
    PWS-LegMir
    PWS-Msnfake
    PWS-LDPinch
  Password Stealer (6)
    PWS-JA
    PWS-Banker.gen.ba
    PWS-MSNFake.a
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-WoW
  ProcKill (1)
    ProcKill-AK
  Proxy (2)
    Proxy-Horst
    Proxy-Piky
  Remote Access (6)
    BackDoor-AWQ.b
    BackDoor-CGZ
    BackDoor-CPX
    BackDoor-CMQ
    BackDoor-CKB
    BackDoor-CEP
  Spam (1)
    Spam-Loot
  Win32 (16)
    Generic VB
    IRC/Flood.cm
    HackerDefender
    Generic MultiDropper.k
    Generic VB.b
    Spy-Agent.l
    Puper
    Generic BackDoor.bc
    Generic Downloader.u
    Swizzor
    Generic Downloader.x
    Generic PWS.o
    Generic BackDoor.u
    Generic Downloader.ab
    Generic VB.c
    Generic Proxy.g
Virus (104)
  Application extension (4)
    W32/Sality.dll
    W32/Sality.n.dll
    W32/Sality.m.dll
    W32/Sality.p.dll
  Damaged (1)
    W32/Mytob.dam
  Damaged Worm (2)
    W32/Gaobot.worm.dam
    W32/Protoride.worm.dam
  E-mail (1)
    W32/Mytob.gr@MM
  E-mail worm (1)
    W32/Duel@MM
  Email (71)
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.ew@MM
    W32/Mytob.fa@MM
    W32/Mytob.ft@MM
    W32/Mytob.fs@MM
    W32/Mytob.aw@MM
    W32/Mytob.fr@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.bd@MM
    W32/Mytob.id@MM
    W32/Mytob.fu@MM
    W32/Mytob.fw@MM
    W32/Mytob.fv@MM
    W32/Mytob.ge@MM
    W32/Mytob.go@MM
    W32/Mytob.bu@MM
    W32/Mytob.bq@MM
    W32/Mytob.by@MM
    W32/Mytob.cq@MM
    W32/Mytob.ck@MM
    W32/Mytob.fz@MM
    W32/Mytob.gf@MM
    W32/Mytob.gn@MM
    W32/Mytob.gp@MM
    W32/Mytob.cw@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.gm@MM
    W32/Mytob.gs@MM
    W32/Mytob.m@MM
    W32/Mytob.bs@MM
    W32/Mytob.de@MM
    W32/Mytob.cb@MM
    W32/Mytob.do@MM
    W32/Mytob.dl@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.y@MM
    W32/Mytob.cr@MM
    W32/Mytob.cl@MM
    W32/Mytob.ci@MM
    W32/Mytob.cx@MM
    W32/Mytob.cy@MM
    W32/Mytob.dn@MM
    W32/Mytob.ei@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.dw@MM
    W32/Mytob.dv@MM
    W32/Mytob.du@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.hq@MM
    W32/Mytob.eg@MM
    W32/Mytob.ho@MM
    W32/Mytob.hn@MM
    W32/Mytob.hk@MM
    W32/Mytob.hm@MM
    W32/Mytob.hj@MM
    W32/Mytob.ha@MM
    W32/Mytob.em@MM
    W32/Mytob.en@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Exploit (1)
    Exploit-MS04-11
  Generic Worm (14)
    W32/Gaobot.worm.gen.e
    W32/IRCbot.worm.gen
    W32/Sdbot.worm.gen.w
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.ca
    W32/Sdbot.worm.gen.ae
    W32/Sdbot.worm.gen.cc
    W32/Spybot.worm.gen.p
    W32/Combra.worm.gen
    W32/Sdbot.worm.gen.ag
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.by
    W32/Gaobot.worm.gen.bi
  Internet Worm (1)
    W32/Generic.worm!p2p
  mIRC Worm (1)
    W32/Protoride.worm
  Win32 (5)
    W32/Loosky
    W32/Sality.q
    W32/Sality.p
    W32/Sality.n
    W32/Sality.m
  Worm (1)
    W32/Opanki.worm

Tuesday, May 23, 2006

Virus Updates for May 23rd, 2006

DAT Version: 4768
DAT Release Date: 5-23-2006
Threats Detected: 192,370
New Detections: 9
Enhanced Detections: 92

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections
Program (1)
  Dropper (1)
    Adware-Boran.dr
Trojan (5)
   (1)
    Generic Downloader.bk
  Exploit (1)
    Exploit-OleData
  StartPage (1)
    StartPage-JI
  Win32 (2)
    QLowZones-40
    Spy-Agent.ay
Virus (3)
  Generic Worm (1)
    W32/Sdbot.worm.gen.cc
  Worm (2)
    W32/Shodi.worm.v
    W32/Ghandh.worm

Enhanced detections
Malware (1)
  Win32 (1)
    Exploit-Mydoom
Program (17)
   (1)
    Generic PUP.a
  - (2)
    Starr
    RemAdm-PSKill
  Adware (9)
    Adware-180SA
    Adware-Look2Me
    Adware-ISTBar
    Adware-Exactsearch
    Adware-MediaTickets
    Adware-Boran
    Adware-ZangoSA
    Adware-Shorty
    Adware-ClickSpring
  Dialer (1)
    Dialer-Egroup
  Downloader (1)
    Adware-ZangoSA.dldr
  Dropper (1)
    Adware-ExactSearch.dr
  Keylogger (1)
    Keylog-Ardamax
  Win32 (1)
    Fport
Trojan (52)
   (3)
    Generic Proxy.h
    AdClicker-EJ
    BraveSentry
  Application extension (1)
    PWS-Lineage.dll
  Downloader (6)
    Downloader-AWA
    Downloader-AFY
    PWS-Banker.dldr
    Downloader-ZQ
    Downloader-ASH
    Downloader-ARL
  Dropper (5)
    BackDoor-CKB.dr
    AdClicker-EJ.dr
    Kurofoo.dr
    MultiDropper-NB
    BackDoor-COC.dr
  Exploit (1)
    Exploit-ITSSHeap
  Generic (5)
    Exploit-OleData.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.t
    Exploit-MS06-012.gen
    Exploit-MS06-004.gen
  Heuristic (2)
    New Malware.d
    New Malware.u
  Password (1)
    PWS-LDPinch
  Password Stealer (3)
    PWS-Banker.gen.i
    PWS-Vassay
    PWS-Lineage
  Proxy (2)
    Proxy-Agent.ai
    Proxy-Raser
  Remote Access (6)
    BackDoor-ARR
    BackDoor-AWQ.b
    BackDoor-CVM
    BackDoor-CWM
    BackDoor-BAC.sys
    BackDoor-CMQ
  Spam (1)
    Tabela
  Win32 (16)
    DollarRevenue
    OptixKiller
    DDoS-Slack
    HackerDefender.sys
    Generic Downloader.ak
    QLowZones-33
    Generic Uploader.a
    FakeAlert-C
    Puper
    Kurofoo
    Swizzor
    Generic PWS.o
    Generic Dropper.i
    Generic BackDoor.u
    Generic Downloader.ab
    Kakkeys
Virus (22)
   (10)
    SymbOS/Commwarrior.h!sis
    SymbOS/Commwarrior.b!sis
    SymbOS/Commwarrior.a!sis
    SymbOS/Commwarrior.j!sis
    SymbOS/Commwarrior.c!sis
    SymbOS/Commwarrior.g!sis
    SymbOS/Commwarrior.i!sis
    SymbOS/Commwarrior.f!sis
    SymbOS/Commwarrior.d!sis
    SymbOS/Commwarrior.e!sis
  E-mail worm (1)
    W32/Combra.worm
  Email Generic (1)
    JS/Feebs.gen.f@MM
  Generic (1)
    SymbOS/Commwarrior.gen!sis
  Generic Worm (7)
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.bo
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.bj
    W32/Bobax.worm.gen
  Internet Relay Chat Worm (1)
    W32/Akbot
  Win32 (1)
    W32/Puce

Monday, May 22, 2006

Virus Updates for May 22nd, 2006

DAT Version: 4767
DAT Release Date: 5-22-2006
Threats Detected: 192,152
New Detections: 20
Enhanced Detections: 214

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections
Program (1)
  Tool (1)
    Tool-UnloadDLL
Trojan (13)
   (8)
    SymbOS/PBsender.g!app
    SymbOS/PBsender.g!sis
    SymbOS/PBsender.e!sis
    Generic Downloader.bd
    Ceegar
    SymbOS/PBsender.e!app
    SymbOS/PBsender.f!sis
    SymbOS/PBsender.d!sis
  Application extension (1)
    BackDoor-CPY.dll
  Exploit (2)
    Exploit-MailFox
    Exploit-ITSSHeap
  Linux (1)
    Linux/Phobi
  Remote Access (1)
    BackDoor-CKB!6708ddaf
Virus (6)
   (1)
    SymbOS/Cabir.z!sis
  Dropper (1)
    MLS/Lagob.dr
  Win32 (1)
    W32/Brepibot!8192
  Worm (3)
    Hilder.worm!bat
    W32/Skowor.worm
    W32/Genrack.worm

Enhanced detections
Program (10)
   (1)
    Generic PUP.a
  - (1)
    RemAdm-PSKill
  Adware (4)
    Adware-ISTBar
    Adware-NaviPromo
    Adware-Newweb
    Adware-DropSpam
  Generic (1)
    Dialer-RAS.gen.aa
  Spyware (1)
    Spyware-RealSpy
  Win32 (2)
    ServU-Daemon
    Generic Adware.aa
Trojan (78)
   (4)
    Generic BackDoor.d
    Generic Dropper.o
    Generic BackDoor.bb
    QHosts-18!hosts
  - (3)
    BackDoor-AOU
    W32/Bagle.dll.dr
    AdClicker-AJ
  Application extension (3)
    Puper.dll
    BackDoor-CKB.dll
    BackDoor-CXO.dll
  Configurator (1)
    Generic PWS.b.cfg
  Downloader (6)
    Downloader-ATM!CME-934
    Downloader-ATM!CME-503
    Downloader-ZQ
    Downloader-ATM
    Downloader-ASH
    Downloader-ARL
  Dropper (6)
    VBS/Inor
    PWS-LDPinch.dr
    BackDoor-CZL.dr
    BackDoor-CKB.dr
    Puper.dr
    MultiDropper-QH
  Generic (6)
    Exploit-MhtRedir.gen
    Exploit-OleData.gen
    Swizzor.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.t
    Generic Downloader.gen.bc
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (2)
    New Malware.u
    New Malware.ab
  Java Applet (1)
    JV/Shinwow
  Password (2)
    PWS-LegMir
    PWS-LDPinch
  Password Stealer (8)
    Generic PWS.b
    PWS-JA
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
    PWS-Cashgrabber
    PWS-Banker.bh
    PWS-Lineage
    PWS-Mifeng
  PDA Device (1)
    SymbOS/Skulls.a
  Proxy (1)
    Proxy-Horst
  Remote Access (8)
    BackDoor-AWQ.b
    BackDoor-AVW
    BackDoor-BCB
    BackDoor-CKB.sys
    BackDoor-CPX
    BackDoor-CPY
    BackDoor-CMQ
    BackDoor-CKB
  Script (2)
    Generic component
    PHP/Defash
  Server (1)
    BackDoor-CUR.svr
  Win32 (22)
    Generic Downloader.a
    HackerDefender
    Generic BackDoor.bg
    DollarRevenue
    Puper
    Generic Downloader.j
    Generic Downloader.s
    Generic Downloader.be
    Generic BackDoor.be
    Generic BackDoor.ba
    Generic Downloader.u
    Generic PWS.o
    Generic QLowZones.a
    Generic Dropper.i
    Generic Downloader.ab
    Generic VB.c
    CryZip
    AdClicker-DW
    Generic Proxy.e
    Spy-Agent.y
    Generic Downloader.g
    Generic AdClicker.c
Virus (126)
   (16)
    SymbOS/Skulls.ci
    SymbOS/Skulls.f
    SymbOS/Skulls.e
    SymbOS/Skulls.g
    SymbOS/Skulls.h
    SymbOS/Skulls.i
    SymbOS/Skulls.cf
    SymbOS/Skulls.cg
    SymbOS/PBsender.d!app
    SymbOS/PBsender.c!app
    SymbOS/PBsender.a!app
    SymbOS/PBsender.b!app
    SymbOS/Skulls.c
    SymbOS/Skulls!aif
    SymbOS/Skulls.d
    SymbOS/Skulls.ca
  Damaged (1)
    W32/Netsky.dam
  Dropper (1)
    W32/Areses.dr
  Dropper Email (1)
    W32/Mytob.dr@MM
  E-mail (10)
    W32/Mytob.be@MM
    W32/Mytob.bi@MM
    W32/Mytob.bj@MM
    W32/Mytob.bo@MM
    W32/Mytob.bl@MM
    W32/Mytob.br@MM
    W32/Mytob.bf@MM
    W32/Mytob.cg@MM
    W32/Mytob.ch@MM
    W32/Areses.h
  Email (65)
    W32/Mytob.hr@MM
    W32/Mytob.b@MM
    W32/Mytob.a@MM
    W32/Mytob.ev@MM
    W32/Mytob.at@MM
    W32/Mytob.ib@MM
    W32/Mytob.av@MM
    W32/Mytob.au@MM
    W32/Mytob.hy@MM
    W32/Mytob.fy@MM
    W32/Mytob.fw@MM
    W32/Mytob.fx@MM
    W32/Mytob.gg@MM
    W32/Mytob.gl@MM
    W32/Mytob.gj@MM
    W32/Mytob.gi@MM
    W32/Mytob.hs@MM
    W32/Mytob.bg@MM
    W32/Mytob.bx@MM
    W32/Mytob.cd@MM
    W32/Mytob.gd@MM
    W32/Mytob.gc@MM
    W32/Mytob.gb@MM
    W32/Mytob.ga@MM
    W32/Mytob.gf@MM
    W32/Mytob.gp@MM
    W32/Mytob.gq@MM
    W32/Mytob.bn@MM
    W32/Mytob.dh@MM
    W32/Mytob.r@MM
    W32/Mytob.e@MM
    W32/Mytob.c@MM
    W32/Mytob.gt@MM
    W32/Mytob.g@MM
    W32/Mytob.bt@MM
    W32/Mytob.bp@MM
    W32/Mytob.ct@MM
    W32/Mytob.cf@MM
    W32/Mytob.dd@MM
    W32/Mytob.ca@MM
    W32/Mytob.n@MM
    W32/Mytob.f@MM
    W32/Mytob.d@MM
    W32/Mytob.cs@MM
    W32/Mytob.dk@MM
    W32/Mytob.dz@MM
    W32/Mytob.eb@MM
    W32/Mytob.ds@MM
    W32/Mytob.ea@MM
    W32/Mytob.gu@MM
    W32/Mytob.gx@MM
    W32/Mytob.hq@MM
    W32/Mytob.ej@MM
    W32/Mytob.hp@MM
    W32/Mytob.gy@MM
    W32/Mytob.hf@MM
    W32/Mytob.gw@MM
    W32/Mytob.gz@MM
    W32/Mytob.hg@MM
    W32/Mytob.hh@MM
    W32/Mytob.hi@MM
    W32/Mytob.gv@MM
    W32/Mytob.he@MM
    W32/Mytob.es@MM
    W32/Mytob.eq@MM
  Email Generic (2)
    W32/Mytob.gen@MM
    W32/Feebs.gen@MM
  Generic (3)
    SymbOS/Skulls.gen
    W32/Lemoor.gen
    SymbOS/PBsender.gen!app
  Generic Worm (15)
    W32/Sdbot.worm.gen.as
    W32/Sdbot.worm.gen.bg
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.bl
    W32/Sdbot.worm.gen.bs
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.bo
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.bw
    W32/Bobax.worm.gen
  Internet Worm (2)
    W32/NoChod@MM
    W32/Mytob.bk@MM
  Script (1)
    VBS/Pazuzu
  Win32 (6)
    New Win32.g1
    New Poly Win32
    W32/Areses.f
    W32/Areses.g
    W32/Generic.n
    W32/Feebs!rootkit
  Worm (3)
    W32/Sites.worm
    W32/Mytob.worm!im
    W32/Opanki.worm

Friday, May 19, 2006

Virus Updates for May 19th, 2006

DAT Version: 4766
DAT Release Date: 5-19-2006
Threats Detected: 191,789
New Detections: 6
Enhanced Detections: 114

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections
Trojan (5)
  Damaged (1)
    Exploit-ScriptNull.dam
  Password Stealer (1)
    PWS-Agent.c
  Remote Access (1)
    BackDoor-CKB!cfaae1e6
  Win32 (2)
    Generic Downloader.be
    MayArchive
Virus (1)
  Email (1)
    W32/Areses.m@MM

Enhanced detections
Internet Worm (1)
  E-mail (1)
    W32/Areses.a@MM
Program (10)
  Adware (4)
    Adware-Adpower
    Adware-MediaTickets
    Adware-DesktopMedia
    Adware-SurfSideKick
  Application extension (1)
    Adware-SurfSideKick.dll
  Dropper (1)
    Spyware-WebHancer.dr
  Generic (1)
    Dialer-RAS.gen.aa
  Spyware (1)
    Spyware-RealSpy
  Win32 (2)
    Generic HTool.bb
    Generic Dialer.ba
Trojan (57)
   (3)
    Generic BackDoor.bb
    Generic.dc
    Painter
  Application extension (2)
    Puper.dll
    AdClicker-AF.dll
  Configurator (1)
    Generic PWS.b.cfg
  Dialer (1)
    QDial-43
  Downloader (7)
    Downloader-ABU
    Downloader-ATM!CME-934
    Downloader-ATM!CME-503
    Downloader-ZQ
    Downloader-ATM
    Downloader-ASH
    Downloader-ACR
  Dropper (5)
    PWS-LDPinch.dr
    QDial-43.dr
    MultiDropper-OP
    MultiDropper-OU
    Puper.dr
  Dropper Generic (1)
    W32/Sdbot.dr.gen
  Exploit (3)
    Exploit-DcomRpc
    JS/Exploit-HelpXSite
    Exploit-DirTraversal
  Generic (6)
    Exploit-DcomRpc.gen
    Perl/Exploit.gen
    Proxy-Mitglieder.gen.b
    Exploit-OleData.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.t
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (5)
    New Malware.n
    New Malware.u
    New Malware.f
    New Malware.aj
    New Malware.ae
  Password (1)
    PWS-LDPinch
  Password Stealer (6)
    Generic PWS.b
    PWS-QQDrag
    PWS-Banker.gen.ba
    PWS-Poker
    PWS-Banker.gen.i
    PWS-Banker.gen.h
  Proxy (1)
    Proxy-Horst
  Remote Access (4)
    BackDoor-AZV
    BackDoor-AWQ.b
    BackDoor-AVW
    BackDoor-CKB
  Win32 (10)
    Generic Downloader.c
    Generic Downloader.bb
    Generic Downloader.y
    Swizzor
    Generic PWS.o
    Zquest
    Generic Dropper.i
    Generic BackDoor.u
    Generic Downloader.ab
    Generic Proxy.g
Virus (46)
  E-mail (3)
    W32/Areses.k@MM
    W32/Mytob.bh@MM
    W32/Areses.j@MM
  Email (33)
    W32/Mytob.ak@MM
    W32/Mytob.am@MM
    W32/Mytob.ar@MM
    W32/Mytob.aq@MM
    W32/Mytob.ex@MM
    W32/Areses.l@MM
    W32/Mytob.gk@MM
    W32/Areses.i@MM
    W32/Areses.h@MM
    W32/Mytob.cu@MM
    W32/Mytob.ce@MM
    W32/Mytob.dg@MM
    W32/Mytob.dc@MM
    W32/Mytob.r@MM
    W32/Mytob.di@MM
    W32/Mytob.df@MM
    W32/Mytob.dj@MM
    W32/Mytob.v@MM
    W32/Mytob.u@MM
    W32/Mytob.t@MM
    W32/Mytob.y@MM
    W32/Mytob.cz@MM
    W32/Mytob.dm@MM
    W32/Mytob.ah@MM
    W32/Mytob.dq@MM
    W32/Mytob.dt@MM
    W32/Mytob.ag@MM
    W32/Mytob.an@MM
    W32/Mytob.ec@MM
    W32/Mytob.ef@MM
    W32/Mytob.eo@MM
    W32/Mytob.er@MM
    W32/Mytob.ep@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Generic Worm (7)
    W32/Sdbot.worm.gen.bg
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.bs
    W32/Sdbot.worm.gen.bp
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bw
    W32/Sdbot.worm.gen.t
  Script (1)
    VBS/Generic
  Worm (1)
    W32/Opanki.worm

Thursday, May 18, 2006

Virus Updates for May 18th, 2006

DAT Version: 4765
DAT Release Date: 5-18-2006
Threats Detected: 191,481
New Detections: 13
Enhanced Detections: 123

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections
Trojan (4)
  Downloader (2)
    Downloader-AWJ
    Downloader-AWK
  Password Stealer (1)
    PWS-Banker.gen.ac
  Registry (1)
    QReg-16
Virus (9)
  Downloader (1)
    W32/Bagle.ey.dldr
  Email (3)
    W32/Kidala.c@MM
    W32/Areses.l@MM
    W32/Bagle.ez@MM
  Macro (2)
    X97M/Skowor
    W97M/Tomber
  Script (3)
    VBS/Lesto
    VBS/Pazuzu
    VBS/Entrophy

Enhanced detections
Internet Worm (4)
  E-mail (3)
    W32/Kidala.b@MM
    W32/Areses.a@MM
    W32/Kidala.a@MM
  File Deletion (1)
    W32/Erazor.worm
Program (2)
  Adware (1)
    Adware-Zeno
  Win32 (1)
    Winfixer
Trojan (63)
   (2)
    Generic Dropper.b
    Generic BackDoor.bb
  - (1)
    Spam-Mailbot
  Application extension (1)
    BackDoor-CSN.dll
  Downloader (8)
    W32/Bagle.cj
    BackDoor-CYY.dldr
    Downloader-AWF
    Downloader-AWI
    PWS-Banker.dldr
    W32/Bagle.dk
    Downloader-ABU
    Downloader-ACR
  Dropper (3)
    BackDoor-AWQ.b.dr
    BackDoor-CSN.dr
    Puper.dr
  Dropper Generic (1)
    W32/Sdbot.dr.gen
  Exploit (1)
    Exploit-DcomRpc
  Generic (9)
    Generic Downloader.gen.bd
    Generic Downloader.gen.be
    PWS-Banker.gen.ab
    PWS-Banker.gen.bb
    ASP/BackDoor.gen
    PWS-Banker.gen.j
    PWS-Banker.gen.t
    ServU-Daemon.gen.ba
    APStrojan.gen5e
  Heuristic (3)
    New Malware.n
    New Malware.j
    New Malware.ag
  Password (1)
    PWS-LegMir
  Password Stealer (3)
    PWS-Banker.gen.ba
    PWS-Poker
    PWS-Banker.gen.i
  Proxy (1)
    Proxy-FBSR
  Remote Access (9)
    BackDoor-AZV
    BackDoor-AWQ.b
    BackDoor-CUL
    BackDoor-CVM
    BackDoor-CMQ
    BackDoor-CYX
    BackDoor-CYY
    BackDoor-CMR
    BackDoor-CMI
  Script (2)
    Generic component
    Erazor.bat
  Win32 (18)
    Generic Downloader.c
    Generic VB.b
    Puper
    Generic Downloader.s
    Generic BackDoor.be
    Generic BackDoor.bd
    Generic BackDoor.ba
    Generic Downloader.y
    Swizzor
    Generic Downloader.r
    Generic PWS.o
    Generic QLowZones.a
    Generic Dropper.i
    Generic BackDoor.u
    Generic Downloader.ab
    Generic PWS.s
    Spy-Agent.ak
    Generic MultiDropper.b
Virus (54)
  Application extension (3)
    W32/Bagle.ew.dll
    W32/Bagle.dll
    W32/Bagle.ex.dll
  Damaged Worm (1)
    W32/Sdbot.worm.dam
  Downloader (4)
    W32/Bagle.ci
    W32/Bagle.ck
    W32/Bagle.cl
    W32/Bagle.cn
  Dropper (1)
    Bat/Kads.dr
  E-mail (2)
    W32/Areses.k@MM
    W32/Areses.j@MM
  Email (2)
    W32/Areses.i@MM
    W32/Areses.h@MM
  Floppy (1)
    W32/Generic!floppy
  Generic Worm (20)
    W32/IRCbot.worm.gen
    W32/Spybot.worm.gen.bx
    W32/Gaobot.worm.gen.bj
    W32/Opanki.worm.gen
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.ca
    W32/Sdbot.worm.gen.bk
    W32/Sdbot.worm.gen.ae
    W32/Sdbot.worm.gen.bs
    W32/Sdbot.worm.gen.bz
    W32/Sdbot.worm.gen.bp
    W32/Sdbot.worm.gen.bo
    W32/Spybot.worm.gen.o
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Sdbot.worm.gen.bw
    W32/Sdbot.worm.gen.ac
  Macro (1)
    X97M/Anis
  Peer To Peer (1)
    W32/Generic.d!p2p
  Script (2)
    VBS/Generic
    Bat/Kads
  Win32 (15)
    New Win32
    W32/Generic.d
    W32/Bagle.cw
    W32/Bagle.cu
    W32/Bagle.cr
    W32/Bagle.co
    W32/Bagle.cm
    W32/Bagle.cx
    W32/Bagle.cv
    W32/Bagle.cs
    W32/Bagle.an
    W32/Generic.e
    Generic BackDoor.bf
    W32/Generic!msn
    W32/Generic!im
  Worm (1)
    W32/Generic.worm.b

Wednesday, May 17, 2006

Virus Updates for May 17th, 2006

DAT Version: 4764
DAT Release Date: 5-17-2006
Threats Detected: 190,899
New Detections: 17
Enhanced Detections: 121

Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an AVERT risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name: PWS-Poker
Corporate Risk Assessment: Low-Profiled
Home Risk Assessment: Low-Profiled

Full list

New Detections
Program (4)
  Adware (1)
    Adware-Give4Free
  Joke (1)
    Joke-Tsunami
  Win32 (2)
    Generic Keylog.d
    DRMProt
Trojan (12)
   (2)
    Spy-Agent.ax
    AdClicker-EJ
  Configurator (1)
    Orifice.cfg
  Dialer (1)
    QDial-43
  Downloader (2)
    Downloader-AWH
    Downloader-AWI
  Dropper (2)
    QDial-43.dr
    AdClicker-EJ.dr
  Password Stealer (1)
    PWS-Poker
  Script (1)
    AdClicker-EJ!hta
  Win32 (2)
    TrapMouseKey
    Benal
Virus (1)
  Win32 (1)
    W32/Lebmog

Enhanced detections
Internet Worm (2)
  E-mail (1)
    W32/Areses.a@MM
  File Deletion (1)
    W32/Erazor.worm
Program (12)
   (2)
    Generic PUP.a
    Generic PUP.b
  Adware (1)
    Adware-Starware
  Application extension (1)
    Adware-Beginto.dll
  Dialer (2)
    Dialer-Generic.e
    Dialer-292
  Dropper (1)
    Adware-Beginto.dr
  Malware Tool (1)
    Spam-TopMail
  Tool (1)
    Tool-NetCat
  Win32 (3)
    RemAdm-RemoteAdmin
    Generic Dialer.ba
    Uploader-AB
Trojan (79)
   (5)
    Generic BackDoor.d
    Generic Dropper.b
    Generic BackDoor.bb
    Generic Proxy.h
    Generic.f
  Application extension (3)
    PWS-Legmir.dll
    BackDoor-AWQ.dll
    BackDoor-BAC.dll
  Client (1)
    Orifice2K.cli
  Configuration settings (1)
    HackerDefender.ini
  Configurator (1)
    Orifice2K.cfg
  Downloader (4)
    Downloader-AAP
    Downloader-AUE
    Downloader-ASN
    Downloader-ASH
  Dropper (4)
    Generic BackDoor.dr
    BackDoor-AWQ.dr
    BackDoor-CKB.dr
    PWS-Banker.dr.a
  Exploit (3)
    JS/Exploit-ObjectCDS
    JS/Exploit-HelpXSite
    Exploit-DFind
  Generic (9)
    Exploit-CodeBase.gen
    Generic Downloader.gen.bd
    Exploit-OleData.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.b
    PWS-Banker.gen.l
    PWS-Banker.gen.j
    PWS-Banker.gen.g
    BackDoor-BAC.gen.b
  Heuristic (1)
    New Malware.u
  Malware Tool (1)
    Spam-Gadina
  Password (2)
    PWS-LegMir
    PWS-QQPass
  Password Stealer (8)
    PWS-JA
    PWS-Lineage!chm
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Banker.ba
    PWS-Banker.bh
    PWS-WoW
    PWS-Lineage
  Remote Access (11)
    BackDoor-AWQ.b
    BackDoor-BAC
    BackDoor-AWQ
    BackDoor-CZV
    BackDoor-CQC
    BackDoor-CRK
    BackDoor-BAC.gen.d
    BackDoor-BAC.sys
    BackDoor-CMQ
    BackDoor-CZI
    BackDoor-CKB
  Script (2)
    VBS/Piky
    Generic component
  Server (1)
    Orifice2K.svr
  Tool (1)
    Tool-HideWindow
  Win32 (21)
    Generic VB
    Generic Downloader.c
    Orifice2K
    Generic Downloader.n
    Generic MSVC
    Generic Downloader.d
    Puper
    Generic Downloader.s
    Generic BackDoor.be
    Generic BackDoor.ba
    Swizzor
    Generic Downloader.q
    Generic PWS.o
    Generic QLowZones.a
    Generic BackDoor.u
    Generic Downloader.ab
    Generic VB.c
    Exponny
    Generic BackDoor.w
    Generic Downloader.g
    Generic Downloader.h
Virus (28)
  Application extension Worm (1)
    W32/IRCbot.worm.dll
  Damaged Worm (2)
    W32/Protoride.worm.dam
    W32/Sdbot.worm.dam
  E-mail (3)
    Exploit-MIME.gen
    W32/Areses.k@MM
    W32/Areses.j@MM
  Email (2)
    W32/Areses.i@MM
    W32/Areses.h@MM
  Generic (1)
    Exploit-MIME.gen.exe
  Generic Worm (9)
    W32/Sdbot.worm.gen.bg
    W32/Sdbot.worm.gen.h
    W32/Spybot.worm.gen.by
    W32/Sdbot.worm.gen.ae
    W32/Sdbot.worm.gen.bq
    W32/Gaobot.worm.gen.t
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.q
  Heuristic (1)
    New Script.ext
  JavaScript (1)
    JS/Xilos
  mIRC Worm (1)
    W32/Protoride.worm
  Script (1)
    Univ.script/99a
  VbScript (2)
    VBS/Loveletter@MM
    New Script
  Win32 (2)
    W32/Jadi
    W32/Loosky
  Win9x (2)
    W95/CTX.10853
    W95/CTX.6886

Tuesday, May 16, 2006

Virus Updates for May 16th, 2006

DAT Version:4763
DAT Release Date:5-16-2006
Threats Detected:190579
New Detections:15
Enhanced Detections:122



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections | Enhanced detections
Program (1)
  Malware Tool (1)
    Spam-TopMail
Trojan (12)
   (1)
    SymbOS/Multidropper.bn!sis
  Application extension (1)
    BackDoor-CIT.dll
  Downloader (2)
    Downloader-AWG
    Downloader-AWF
  Dropper (1)
    MultiDropper-QP
  Flooder (1)
    FDoS-Yahoo.DeathBom
  Generic (1)
    Exploit-OleData.gen
  Remote Access (2)
    BackDoor-CZV
    BackDoor-CZU
  Script (1)
    PHP/Defash
  Win32 (1)
    Spy-Agent.aw
  Worm (1)
    W32/Remhk.worm
Virus (2)
  E-mail (1)
    W32/Areses.k@MM
  Email Generic (1)
    JS/Feebs.gen.j@MM
- (1)
  - (1)
    Exploit-Shockwave
Program (8)
   (3)
    Generic Adware.inf.a
    Generic Adware.txt
    UnRealIRC
  Adware (2)
    Adware-DFC
    Adware-IEDriver
  Dialer (1)
    Dialer-Generic.e
  Downloader (1)
    Adware-NS.dldr
  Tool (1)
    HTool-kker
Trojan (86)
   (10)
    Generic BackDoor.d
    SymbOS/Multidropper.bf!sis
    SymbOS/Multidropper.bj!sis
    SymbOS/Multidropper.bh!sis
    Generic BackDoor.bb
    SymbOS/Multidropper.bl!sis
    SymbOS/Multidropper.bk!sis
    SymbOS/Multidropper.bi!sis
    SymbOS/Multidropper.bg!sis
    EditStartPage
  - (2)
    NTRootKit-J
    Spam-Mailbot
  AOL Password (1)
    PWS-AOLFake
  Application extension (3)
    BackDoor-AWQ.dll
    BackDoor-CGX.dll
    Puper.dll
  Configuration settings (1)
    HackerDefender.ini
  Damaged (1)
    BackDoor-AWQ.b.dam
  Downloader (13)
    Downloader-DN
    Downloader-FR
    Downloader-AAD
    Downloader-AEU
    PWS-Banker.dldr
    Downloader-AQV
    Downloader-ABU
    Downloader-AVM
    Downloader-ZQ
    Downloader-ASH
    Downloader-ACR
    Downloader-AQW
    Downloader-QY
  Dropper (3)
    VBS/Inor
    BackDoor-AWQ.dr
    Kurofoo.dr
  Exploit (1)
    Exploit-IIS.Start
  Flooder (7)
    FDoS-Yahoo.Sponge
    FDoS-Yahoo.RifRaf
    FDoS-Yahoo.Double
    FDoS-Yahoo.Killzone
    FDoS-Yahoo.Jetlag
    FDoS-Yahoo.Gucci
    FDoS-Yahoo.Mystery
  Generic (6)
    Exploit-MhtRedir.gen
    Generic Downloader.gen.bd
    Generic Downloader.gen.be
    PWS-Banker.gen.bb
    PWS-Banker.gen.t
    Exploit-MS06-006.gen
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (1)
    New Malware.ab
  Password (1)
    PWS-WMPatch
  Password Stealer (5)
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
    PWS-Banker.bh
    PWS-WoW
    PWS-Lineage
  Proxy (3)
    Proxy-FBSR
    Proxy-Agent.c
    Proxy-Horst
  Remote Access (3)
    BackDoor-AWQ.b
    BackDoor-AWQ
    BackDoor-CIT
  Script (1)
    Bat/arh
  Win32 (23)
    Generic BackDoor.b
    Generic Delphi
    Generic Downloader.c
    QLowZones-32
    Generic Downloader.p
    Puper
    Generic Downloader.s
    Generic BackDoor.be
    Generic BackDoor.bc
    Generic BackDoor.ba
    Kurofoo
    Eeb
    Generic Dropper.ad
    Generic Dropper.p
    Swizzor
    Generic PWS.o
    Generic Dropper.i
    Generic BackDoor.u
    Generic Downloader.ab
    Generic VB.c
    Generic AdClicker.p
    Spy-Agent.ak
    Generic AdClicker.d
Virus (27)
  Email Generic (1)
    W32/Feebs.gen@MM
  Generic (1)
    W32/IRCbot.gen.b
  Generic Worm (20)
    W32/Sdbot.worm.gen.as
    W32/Sdbot.worm.gen.bg
    W32/Gaobot.worm.gen.bj
    W32/Opanki.worm.gen
    W32/Spybot.worm.gen.bj
    W32/Sdbot.worm.gen.l
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.m
    W32/Sdbot.worm.gen.bk
    W32/Sdbot.worm.gen.ae
    W32/Sdbot.worm.gen.bs
    W32/Sdbot.worm.gen.ag
    W32/Gaobot.worm.gen.bw
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Gaobot.worm.gen.bi
    W32/Gaobot.worm.gen.by
    W32/Sdbot.worm.gen.y
  Peer To Peer (1)
    W32/Generic.d!p2p
  VbScript (1)
    VBS/Loveletter@MM
  Win32 (2)
    Generic BackDoor.bf
    W32/Feebs!rootkit
  Worm (1)
    W32/Dedler.worm

Monday, May 15, 2006

Virus Updates for May 15th, 2006

DAT Version:4762
DAT Release Date:5-15-2006
Threats Detected:190,171
New Detections:11
Enhanced Detections:182



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an AVERT risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name | Corporate Risk Assessment | Home Risk Assessment
W32/Hoots.worm | Low-Profiled | Low-Profiled

Full list

New Detections | Enhanced detections
Program (1)
  Malware Tool (1)
    PWCrack-Crax
Trojan (7)
   (1)
    AdClicker-EI
  Application extension (1)
    Downloader-AUE.dll
  Dropper (1)
    Kurofoo.dr
  Generic (1)
    PWS-Banker.gen.ab
  Remote Access (1)
    BackDoor-CZT
  Win32 (2)
    Kurofoo
    ProcKill
Virus (3)
  Email (1)
    W32/Lovgate.au@MM
  Win32 (1)
    W32/Niklas
  Worm (1)
    W32/Hoots.worm
Program (5)
  Adware (3)
    Adware-Adwin
    Adware-NaviPromo
    Adware-ClickSpring
  Win32 (2)
    Generic Adware.aa
    Generic HTool.bb
Trojan (95)
   (4)
    Generic Dropper.o
    Generic.cf
    Generic BackDoor.bb
    Generic.cd
  Application extension (2)
    PWS-Legmir.dll
    MailSkinner.dll
  Configurator (2)
    ProcKill-Q.cfg
    Generic PWS.c.cfg
  Downloader (6)
    BackDoor-CYY.dldr
    Downloader-AAP
    Downloader-ABU
    Downloader-AUE
    Downloader-ASH
    Downloader-ARM
  Dropper (3)
    PWS-LDPinch.dr
    Generic PWS.c.dr
    PWS-Goldun.dr
  Exploit (1)
    Exploit-SWF.b!demo
  Generic (7)
    Generic Downloader.gen.bd
    Generic Downloader.gen.be
    Swizzor.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.g
    RemAdm-RemoteAdmin.gen.ba
    PWS-Banker.gen.v
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Password (1)
    PWS-LDPinch
  Password Stealer (10)
    Generic PWS.c
    PWS-QQRob
    PWS-JA
    Generic PWS.u
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Banker.au
    PWS-Lineage
    PWS-Yulz
  PDA Device (1)
    SymbOS/Skulls.a
  Process (2)
    ProcKill-AE
    ProcKill-AF
  ProcKill (23)
    ProcKill-BW
    ProcKill-H
    ProcKill-F
    ProcKill-BT
    ProcKill-BO
    ProcKill-BJ
    ProcKill-AU
    ProcKill-AL
    ProcKill-AC
    ProcKill-AA
    ProcKill-S
    ProcKill-Q
    ProcKill-P
    ProcKill-M
    ProcKill-L
    ProcKill-K
    ProcKill-J
    ProcKill-F.cln
    ProcKill-D
    ProcKill-C
    ProcKill-DQ
    ProcKill-CG
    ProcKill-BX
  Proxy (2)
    Proxy-Agent.au
    Proxy-Piky
  Remote Access (6)
    BackDoor-AWQ.b
    BackDoor-CGX
    BackDoor-CMQ
    BackDoor-CYY
    Generic BackDoor.m
    Generic BackDoor.k
  Spam (1)
    Spam-Loot
  Spyware (1)
    MailSkinner
  Trojan (1)
    Multidropper
  Win32 (21)
    Generic Downloader.a
    Generic BackDoor.b
    Generic BackDoor.f
    Generic BackDoor.bg
    Generic VB.b
    Generic Downloader.d
    FakeAlert-C
    Generic Downloader.s
    QLowZones-15
    Generic BackDoor.be
    Generic BackDoor.bc
    Generic BackDoor.ba
    Generic AdClicker.j
    Generic AdClicker.b
    Generic PWS.o
    Generic QLowZones.a
    Generic BackDoor.u
    Generic Downloader.ab
    DDoS-Boxed
    AdClicker-BJ
    Generic AdClicker.d
Virus (82)
   (12)
    SymbOS/Skulls.ci
    SymbOS/Skulls.f
    SymbOS/Skulls.e
    SymbOS/Skulls.g
    SymbOS/Skulls.h
    SymbOS/Skulls.i
    SymbOS/Skulls.cf
    SymbOS/Skulls.cg
    SymbOS/Skulls.c
    SymbOS/Skulls!aif
    SymbOS/Skulls.d
    SymbOS/Skulls.ca
  Application extension (1)
    W32/Kernl.dll
  Damaged (3)
    W32/Lovgate.dam
    W32/Netsky.dam!zip
    W32/Lovgate.x.dam
  E-mail (1)
    W32/Lovgate.ah@MM
  E-mail worm (7)
    W32/Lovgate.f@M
    W32/Lovgate.g@M
    W32/Lovgate.ac@MM
    W32/Lovgate.ad@MM
    W32/Lovgate.af@MM
    W32/Lovgate.aj@MM
    W32/Lovgate.ab@MM
  Email (28)
    W32/Lovgate.r@MM
    W32/Lovgate.b@M
    W32/Lovgate.ar@MM
    W32/Lovgate.m@M
    W32/Netsky.q@MM!zip
    W32/Netsky.n@MM!zip
    W32/Netsky.b@MM!zip
    W32/Netsky.p@MM!zip
    W32/Netsky.c@MM!zip
    W32/Netsky.a@MM!zip
    W32/Netsky.z@MM!zip
    W32/Lovgate.q@MM
    W32/Lovgate.p@MM
    W32/Lovgate.v@M
    W32/Lovgate.t@MM
    W32/Lovgate.u@MM
    W32/Lovgate.w@M
    W32/Lovgate.al@MM
    W32/Lovgate.at@MM
    W32/Lovgate.aa@MM
    W32/Lovgate.ao@MM
    W32/Lovgate.an@MM
    W32/Lovgate.as@MM
    W32/Netsky.ai@MM!zip
    W32/Lovgate.aq@MM
    W32/Netsky.ag@MM!zip
    W32/Lovgate.ak@MM
    W32/Lovgate.ae@MM
  Email Generic (1)
    JS/Feebs.gen.h@MM
  Email Worm (2)
    W32/Lovgate.ai@MM
    W32/Lovgate.ag@MM
  Generic (1)
    SymbOS/Skulls.gen
  Generic Worm (11)
    W32/Sdbot.worm.gen.bg
    W32/Sdbot.worm.gen.n
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.m
    W32/Sdbot.worm.gen.bs
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.bi
    W32/Sdbot.worm.gen.by
    W32/Sdbot.worm.gen.bj
    W32/Gaobot.worm.gen.bi
    W32/Gaobot.worm.gen.by
  Internet Relay Chat Worm (1)
    W32/Akbot
  Peer To Peer (1)
    W32/Generic.d!p2p
  Win32 (6)
    New Win32.s
    New Win32
    W32/Lovgate
    Generic BackDoor.bf
    W32/Loosky
    W32/Generic.x
  Worm (7)
    W32/Lovgate.n@M
    W32/Lovgate.l@M
    W32/Lovgate.a@M
    W32/Lovgate.c@M
    W32/Lovgate.s@MM
    W32/Lovgate.x@MM
    W32/Dedler.worm

Friday, May 12, 2006

May 12th, 2006

DAT Version:4761
DAT Release Date:5-12-2006
Threats Detected:189,692
New Detections:9
Enhanced Detections:73



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections | Enhanced detections
Trojan (2)
  Remote Access (1)
    BackDoor-CZS
  Win32 (1)
    Generic Uploader.a
Virus (7)
  Application extension (1)
    W32/Bagle.ex.dll
  Companion (2)
    W32/Kenfa.cmp.a
    W32/Kenfa.cmp.b
  Email (1)
    W32/Bugbear.n@MM
  Win32 (2)
    W32/Bagle.ex
    W32/Virut.a
  Worm (1)
    Hilder.worm
Trojan (34)
   (1)
    Generic BackDoor.bb
  Application extension (3)
    BackDoor-BAC.dll
    Generic.da.dll
    Puper.dll
  Downloader (6)
    Downloader-DC
    W32/Bagle.cj
    W32/Bagle.dk
    Downloader-YF
    Downloader-ZQ
    Downloader-MC
  Dropper (1)
    PWS-Goldun.dr
  Exploit (2)
    Exploit-CreateTxtRng
    Exploit-SWF.b!demo
  Generic (4)
    Oleloa.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.t
    PWS-Banker.gen.v
  Password Stealer (5)
    PWS-Banker.ai
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
    PWS-Goldun.sys
    PWS-WoW
  PDA Device (1)
    SymbOS/Skulls.a
  Proxy (1)
    Proxy-Horst
  Remote Access (3)
    Generic BackDoor.l
    BackDoor-CYY
    BackDoor-CKB
  Win32 (7)
    Generic Downloader.a
    Puper
    Generic Downloader.s
    Generic Downloader.af
    Generic Downloader.r
    Generic PWS.o
    Generic Downloader.ab
Virus (39)
   (12)
    SymbOS/Skulls.ci
    SymbOS/Skulls.f
    SymbOS/Skulls.e
    SymbOS/Skulls.g
    SymbOS/Skulls.h
    SymbOS/Skulls.i
    SymbOS/Skulls.cf
    SymbOS/Skulls.cg
    SymbOS/Skulls.c
    SymbOS/Skulls!aif
    SymbOS/Skulls.d
    SymbOS/Skulls.ca
  Application extension (2)
    W32/Bagle.ew.dll
    W32/Bagle.dll
  Downloader (4)
    W32/Bagle.ci
    W32/Bagle.ck
    W32/Bagle.cl
    W32/Bagle.cn
  E-mail (2)
    W32/Bugbear.o@MM
    W32/Bagle.bf@MM
  Email (1)
    W32/Bagle.ar@MM
  Email Generic (1)
    JS/Feebs.gen.h@MM
  Generic (1)
    SymbOS/Skulls.gen
  Generic Worm (1)
    W32/Sdbot.worm.gen.h
  Internet Worm (1)
    W32/Bugbear.gen@MM
  Win32 (14)
    New Win32.s
    New Poly Win32
    New Win32
    W32/Bagle.cw
    W32/Bagle.cu
    W32/Bagle.cr
    W32/Bagle.co
    W32/Bagle.cm
    W32/Bagle.cx
    W32/Bagle.cv
    W32/Bagle.cs
    W32/Bagle.an
    W32/Bagway
    W32/Bagle

Thursday, May 11, 2006

Virus Updates for May 11th, 2006

DAT Version:4760
DAT Release Date:5-11-2006
Threats Detected:189,590
New Detections:6
Enhanced Detections:72



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections | Enhanced detections
Trojan (5)
  Downloader (2)
    BackDoor-CYY.dldr
    Downloader-AWE
  Dropper (1)
    QHosts-55.dr
  Remote Access (1)
    BackDoor-CKB!rootkit
  Win32 (1)
    W32/Kittykat!bat
Virus (1)
  Win32 (1)
    W32/Kittykat
Program (5)
  Adware (2)
    Adware-Boran
    Adware-CasClient
  Dialer (1)
    Dialer-Generic.f
  ProcKill (1)
    ProcKill-DO
  Win32 (1)
    Generic HTool.a
Trojan (56)
   (1)
    Generic BackDoor.bb
  Application extension (5)
    Puper.dll
    BackDoor-CKB.dll
    PWS-Goldun.dll
    PWS-Lineage.dll
    PWS-LDPinch.dll!ldr
  Application extension Generi (1)
    BackDoor-CKB.dll.gen
  Downloader (7)
    Downloader-DC
    Downloader-AEU
    Downloader-AVS
    Downloader-ZQ
    Downloader-AUX
    Downloader-ASH
    Downloader-AQW
  Dropper (3)
    MultiDropper-IY
    MultiDropper-JI
    BackDoor-CKB.dr
  Exploit (1)
    Exploit-SWF.b!demo
  Generic (8)
    Oleloa.gen
    Downloader-AAP.gen
    Swizzor.gen
    PWS-Banker.gen.bb
    HackerDefender.gen.c
    PWS-Banker.gen.t
    Exploit-MS06-006.gen
    PWS-Banker.gen.v
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Password (2)
    PWS-LegMir
    PWS-LDPinch
  Password Stealer (3)
    Generic PWS.g
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
  Plugin component (1)
    BackDoor-JX.plugin
  Proxy (1)
    Proxy-Raser
  Remote Access (6)
    BackDoor-AWQ.b
    BackDoor-CKB.sys
    BackDoor-CZP
    BackDoor-CYY
    BackDoor-CKB
    BackDoor-CEP
  Script (1)
    Generic component
  Win32 (15)
    Generic Downloader.a
    HackerDefender
    HackerDefender.sys
    Generic VB.b
    Puper
    Generic BackDoor.ba
    Generic Proxy.c
    Generic Downloader.k
    Swizzor
    Generic PWS.o
    Generic BackDoor.u
    Generic Downloader.ab
    Generic VB.c
    Generic Downloader.bg
    Generic Downloader.g
Virus (11)
  Damaged Worm (2)
    W32/Gaobot.worm.dam
    W32/Sdbot.worm.dam
  Generic Worm (6)
    W32/Gaobot.worm.gen.k
    W32/Gaobot.worm.gen.e
    W32/Sdbot.worm.gen.ca
    W32/Sdbot.worm.gen.ae
    W32/Sdbot.worm.gen.bd
    W32/Sdbot.worm.gen.t
  Linux (1)
    Linux/Adrastea
  Win32 (1)
    W32/Generic.e
  Worm (1)
    W32/Opanki.worm

Wednesday, May 10, 2006

Virus Updates for 5-10-2006

DAT Version:4759
DAT Release Date:5-10-2006
Threats Detected:189,440
New Detections:6
Enhanced Detections:164



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections | Enhanced detections
Program (1)
  Keylogger (1)
    Keylog-WebSniffer
Trojan (1)
  Generic (1)
    SymbOS/Doomboot.gen!sis
Virus (4)
  E-mail (1)
    W32/Areses.j@MM
  Generic (2)
    SymbOS/Skulls.gen!sis
    SymbOS/Fontal.gen!sis
  Peer To Peer Worm (1)
    W32/Vizim.worm!p2p
Internet Worm (1)
  E-mail (1)
    W32/Areses.a@MM
Program (8)
  Adware (2)
    Adware-2Search
    Adware-NaviPromo
  Application extension (1)
    KeyHook.dll
  Keylogger (2)
    Keylog-Ardamax
    Keylog-Ardamax.dr
  Tool (1)
    Tool-Tpatch
  Win32 (2)
    RemAdm-RemoteAdmin
    Winfixer
Trojan (49)
   (2)
    Generic BackDoor.bb
    Phish-BankFraud.eml.a
  - (1)
    Spam-Mailbot
  Application extension (3)
    BackDoor-BAC.dll
    PWS-Goldun.dll
    BackDoor-CXP.dll
  Configuration settings (1)
    HackerDefender.ini
  Downloader (7)
    Downloader-ABU
    Downloader-AVS
    PWS-Banker.dldr.b
    Downloader-ASH
    Downloader-AQW
    Downloader-ARR
    Downloader-GG!chm
  Dropper (4)
    IRC/Flood.gen.dr
    BackDoor-CKB.dr
    PWS-Banker.dr.i
    BackDoor-BAC.dr
  Dropper Generic (1)
    AdClicker-C.gen.dr
  Exploit (2)
    Exploit-SWF.b!demo
    Exploit-SWF!demo
  Generic (4)
    Generic Downloader.gen.be
    BackDoor-BAC.gen
    PWS-Banker.gen.bb
    PWS-Banker.gen.g
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (1)
    New Malware.ab
  Internet Relay Chat (1)
    IRC/Flood.c
  Password (1)
    PWS-LDPinch
  Password Stealer (1)
    PWS-Banker.gen.i
  ProcKill (1)
    ProcKill-AK
  Remote Access (6)
    BackDoor-AWQ.b
    BackDoor-BAC
    BackDoor-CXP
    BackDoor-CVT
    BackDoor-BAC.sys
    Generic BackDoor.k
  Win32 (12)
    Generic Downloader.c
    DollarRevenue
    Generic Downloader.ak
    Generic VB.b
    Generic BackDoor.ba
    Generic Downloader.x
    Generic PWS.o
    Generic Downloader.ab
    Kakkeys
    Generic VB.c
    Generic Downloader.g
    Generic MultiDropper.b
Virus (106)
  Application extension Worm (1)
    W32/Maddis.worm.dll
  Damaged (1)
    W32/Mytob.dam
  Damaged Worm (1)
    W32/Gaobot.worm.dam
  Downloader Worm (1)
    W32/Bropia.worm.dldr
  E-mail (1)
    W32/Mytob.gr@MM
  Email (73)
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.ew@MM
    W32/Mytob.fa@MM
    W32/Mytob.ft@MM
    W32/Mytob.fs@MM
    W32/Mytob.aw@MM
    W32/Mytob.fr@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.bd@MM
    W32/Mytob.id@MM
    W32/Mytob.fu@MM
    W32/Mytob.fw@MM
    W32/Mytob.fv@MM
    W32/Mytob.ge@MM
    W32/Mytob.go@MM
    W32/Areses.i@MM
    W32/Mytob.bu@MM
    W32/Mytob.bq@MM
    W32/Mytob.by@MM
    W32/Mytob.cq@MM
    W32/Mytob.ck@MM
    W32/Mytob.fz@MM
    W32/Mytob.gf@MM
    W32/Mytob.gn@MM
    W32/Mytob.gp@MM
    W32/Areses.h@MM
    W32/Mytob.cw@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.gm@MM
    W32/Mytob.gs@MM
    W32/Mytob.m@MM
    W32/Mytob.bs@MM
    W32/Mytob.de@MM
    W32/Mytob.cb@MM
    W32/Mytob.do@MM
    W32/Mytob.dl@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.y@MM
    W32/Mytob.cr@MM
    W32/Mytob.cl@MM
    W32/Mytob.ci@MM
    W32/Mytob.cx@MM
    W32/Mytob.cy@MM
    W32/Mytob.dn@MM
    W32/Mytob.ei@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.dw@MM
    W32/Mytob.dv@MM
    W32/Mytob.du@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.hq@MM
    W32/Mytob.eg@MM
    W32/Mytob.ho@MM
    W32/Mytob.hn@MM
    W32/Mytob.hk@MM
    W32/Mytob.hm@MM
    W32/Mytob.hj@MM
    W32/Mytob.ha@MM
    W32/Mytob.em@MM
    W32/Mytob.en@MM
  Email Generic (1)
    W32/Mytob.gen@MM
  Generic Worm (6)
    W32/Gaobot.worm.gen.e
    W32/IRCbot.worm.gen
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.ae
    W32/Spybot.worm.gen.j
    W32/Sdbot.worm.gen.t
  Internet Worm (4)
    W32/Maddis.worm
    W32/Bropia.worm.gen
    W32/Bropia.worm.d
    W32/P2Load.gen!p2p
  Win32 (3)
    W32/Generic.e
    W32/Massflag!enc
    W32/Generic.Delphi.a
  Worm (14)
    W32/Bropia.worm.e
    W32/Nugache@MM
    W32/Bropia.worm.ap
    W32/Bropia.worm.m
    W32/Bropia.worm.ac
    W32/Bropia.worm.bn
    W32/Bropia.worm.ag
    W32/Bropia.worm.af
    W32/Opanki.worm
    W32/Bropia.worm.bo
    W32/Bropia.worm.b
    W32/Bropia.worm.a
    W32/Bropia.worm.c
    W32/Bropia.worm.bt

Tuesday, May 09, 2006

Virus Updates for May 9th, 2006

DAT Version:4758
DAT Release Date:5-9-2006
Threats Detected:189,357
New Detections:14
Enhanced Detections:83



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an AVERT risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Noteworthy Threats:

Name | Corporate Risk Assessment | Home Risk Assessment
X97F/Yagnuul.gen | Low-Profiled | Low-Profiled

Full list

New Detections | Enhanced detections
Program (1)
  Win32 (1)
    Settec
Trojan (9)
  Downloader (2)
    Downloader-AWD
    Downloader-AWC
  Dropper (1)
    BackDoor-CZR.dr
  Exploit (1)
    Exploit-SWF.b!demo
  Heuristic (1)
    New Malware.ak!zip
  ProcKill (1)
    ProcKill-DR
  Remote Access (1)
    BackDoor-CZR
  Win32 (2)
    Uploader-AF
    Modelo
Virus (4)
   (1)
    SymbOS/Skulls.ce!sis
  Email (1)
    W32/Fenet.a@MM
  Generic Worm (1)
    W32/Sdbot.worm.gen.cb
  Macro (1)
    X97F/Yagnuul.gen

Program (2)
  Adware (1)
    Adware-SearchAid
  Win32 (1)
    Generic HTool.b
Trojan (65)
   (5)
    Generic BackDoor.bb
    Generic Proxy.h
    Phish-BankFraud.eml.d
    Generic.f
    Generic.cd
  Application extension (5)
    BackDoor-BAC.dll
    Puper.dll
    Spam-Loot.dll
    PWS-WoW.dll
    PWS-Lineage.dll
  Downloader (6)
    Downloader-XC
    PWS-Banker.dldr
    Downloader-ZQ
    PWS-Banker.dldr.c
    Downloader-ATP
    Downloader-ASH
  Dropper (1)
    MultiDropper-NB
  Exploit (1)
    Exploit-ObscuredHtml
  Generic (4)
    Oleloa.gen
    BackDoor-BAC.gen
    PWS-Banker.gen.t
    Exploit-MS06-012.gen
  Heuristic (3)
    New Malware.n
    New Malware.j
    New Malware.ab
  Password (2)
    PWS-LegMir
    PWS-LDPinch
  Password Stealer (8)
    PWS-Banker.ad
    Generic PWS.g
    PWS-Banker.gen.ba
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    W32/Loosky!pws
    PWS-WoW
    PWS-Lineage
  Proxy (2)
    Proxy-Agent.au
    Proxy-Horst
  Remote Access (7)
    BackDoor-ARR
    BackDoor-AWQ.b
    BackDoor-CZP
    BackDoor-CPY
    BackDoor-CXI
    BackDoor-CMQ
    BackDoor-CYY
  Spam (1)
    Spam-Loot
  Win32 (20)
    Generic Delphi
    DollarRevenue
    AdClicker-EG
    Ezoons
    Generic Downloader.d
    Generic FDoS.d
    Generic Downloader.bj
    Puper
    Generic Downloader.s
    Generic Delphi.c
    Generic Proxy.d
    Generic Downloader.u
    Generic Downloader.y
    Generic PWS.o
    Generic QLowZones.a
    Generic BackDoor.u
    Generic Downloader.ab
    Generic AdClicker.p
    Generic Proxy.e
    Generic Downloader.g
Virus (16)
  Application extension (1)
    W32/Loosky.dll
  Downloader (1)
    W32/Loosky.dldr
  Dropper (1)
    W32/Loosky.dr
  Email (1)
    W32/Loosky.e@MM
  Email Generic (2)
    W32/Loosky.gen@mm
    W32/Feebs.gen@MM
  Generic (1)
    W32/Loosky.gen
  Generic Worm (3)
    W32/Sdbot.worm.gen.h
    W32/Sdbot.worm.gen.ae
    W32/Sdbot.worm.gen.bz
  Win32 (4)
    New Win32
    W32/Feebs!rootkit
    W32/Loosky!proxy
    W32/Loosky!backdoor
  Worm (2)
    W32/MoonLight.worm
    W32/Gavir.worm

Monday, May 08, 2006

Virus Updates for May 8th, 2006

DAT Version:4757
DAT Release Date:5-8-2006
Threats Detected:189,236
New Detections:21
Enhanced Detections:260



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections | Enhanced detections
Program (2)
  Win32 (2)
    VegasredCas
    RemAdm-ProcLaunch!171
Trojan (10)
  Demonstration (1)
    Exploit-NestedObj.demo
  Downloader (4)
    Downloader-AWB
    Downloader-AWA
    Downloader-AVZ
    Downloader-QO!mem
  Exploit (1)
    Exploit-NestedObj
  Keylogger (1)
    Keylog-Nofear
  Remote Access (1)
    BackDoor-CZQ
  Script (1)
    Bat/avk81
  Win32 (1)
    Del-503
Virus (9)
  Damaged (1)
    W32/Maya.dam
  Email (1)
    W32/Rabit@MM
  Worm (7)
    W32/Tahun.worm
    W32/RDevil.worm
    W32/MoonLight.worm
    W32/Loveme.worm
    W32/Bropia.worm.dd
    W32/Bropia.worm.dc
    W32/Liz.worm
Internet Worm (2)
  E-mail (2)
    W32/Kidala.b@MM
    W32/Kidala.a@MM
Program (11)
   (1)
    Generic PUP.a
  Adware (1)
    Adware-NaviPromo
  Dialer (1)
    Dialer-Generic.f
  Dropper (1)
    Spyware-SpyMyPC.dr
  Joke (1)
    Joke-LOL
  Keylogger (1)
    Keylog-MetaCodix
  Malware Tool (2)
    VTool/fake
    VTool/fakez
  Spyware (1)
    Spyware-SpyMyPC
  Win32 (2)
    Generic HTool.bb
    Winfixer
Trojan (88)
   (5)
    Generic Dropper.o
    Generic Downloader.o
    Generic BackDoor.bb
    Generic Proxy.h
    Painter
  - (1)
    Spam-Mailbot
  Application extension (4)
    BackDoor-AWQ.dll
    BackDoor-BAC.dll
    Puper.dll
    PWS-Goldun.dll
  Configurator (1)
    BackDoor-CEP.cfg
  Downloader (9)
    BackDoor-CMQ.dldr
    Downloader-ABB
    PWS-Banker.dldr
    Downloader-ABU
    Downloader-AVS
    Downloader-ZQ
    PWS-Banker.dldr.c
    Downloader-ARH
    Downloader-QO
  Dropper (7)
    PWS-LDPinch.dr
    BackDoor-AWQ.dr
    PWS-Hooker.dr
    Zquest.dr
    BackDoor-CEP.dr
    Puper.dr
    BackDoor-COC.dr
  Dropper Generic (1)
    AdClicker-C.gen.dr
  Exploit (2)
    JS/Exploit-DDay
    Exploit-ObscuredHtml
  Generic (5)
    Swizzor.gen
    PWS-Banker.gen.g
    PWS-Banker.gen.t
    BackDoor-CKB.sys.gen
    BackDoor-BAC.gen.b
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (2)
    New Malware.f
    New Malware.ae
  Keylogger (1)
    Keylog-Logit
  Malware Tool (3)
    Spam-GWab
    NTRootKit-U
    Spam-DComServ
  Password (1)
    PWS-LDPinch
  Password Stealer (11)
    PWS-QQRob
    PWS-JA
    PWS-AOLPhish
    PWS-Banker.gen.ba
    PWS-RXJH
    PWS-Banker.gen.i
    PWS-Banker.gen.h
    PWS-Goldun.sys
    W32/Loosky!pws
    PWS-Banker.au
    PWS-Lineage
  Plugin component (1)
    BackDoor-JX.plugin
  ProcKill (1)
    ProcKill-DA
  Proxy (2)
    Proxy-FBSR
    Proxy-Raser
  Remote Access (9)
    BackDoor-AWQ.b
    BackDoor-AWQ
    BackDoor-ALD
    BackDoor-BAC.gen.d
    BackDoor-BAC.sys
    BackDoor-CMQ
    BackDoor-CES
    BackDoor-CKB
    BackDoor-CEP
  Script (1)
    IIS/BackDoor-ACE
  Server (1)
    BackDoor-CUR.svr
  StartPage (2)
    StartPage-HR
    StartPage-IW
  Win32 (17)
    DollarRevenue
    Systhread
    Generic BackDoor.c
    Puper
    Generic Downloader.s
    Generic Downloader.k
    Generic Dropper.p
    Swizzor
    Generic AdClicker.j
    Generic Downloader.aa
    Regger
    Zquest
    Generic Dropper.i
    Generic BackDoor.u
    Generic Downloader.ab
    Generic BackDoor.j
    Galapoper
Virus (159)
   (1)
    Oxfall.865
  Application extension (1)
    W32/Loosky.dll
  Boot (1)
    Dodgy
  Damaged (1)
    W32/Mytob.dam
  Downloader (1)
    W32/Loosky.dldr
  Dropper (1)
    W32/Loosky.dr
  Dropper Worm (1)
    W32/Kelvir.worm.dr
  E-mail (1)
    W32/Mytob.gr@MM
  Email (72)
    W32/Mytob.ao@MM
    W32/Mytob.al@MM
    W32/Mytob.ew@MM
    W32/Mytob.fa@MM
    W32/Mytob.ft@MM
    W32/Mytob.fs@MM
    W32/Mytob.aw@MM
    W32/Mytob.fr@MM
    W32/Mytob.ba@MM
    W32/Mytob.bc@MM
    W32/Mytob.bb@MM
    W32/Mytob.bd@MM
    W32/Mytob.id@MM
    W32/Mytob.fu@MM
    W32/Mytob.fw@MM
    W32/Mytob.fv@MM
    W32/Mytob.ge@MM
    W32/Mytob.go@MM
    W32/Mytob.bu@MM
    W32/Mytob.bq@MM
    W32/Mytob.by@MM
    W32/Mytob.cq@MM
    W32/Mytob.ck@MM
    W32/Mytob.fz@MM
    W32/Mytob.gf@MM
    W32/Mytob.gn@MM
    W32/Mytob.gp@MM
    W32/Mytob.cw@MM
    W32/Mytob.p@MM
    W32/Mytob.i@MM
    W32/Mytob.k@MM
    W32/Mytob.r@MM
    W32/Mytob.gm@MM
    W32/Mytob.gs@MM
    W32/Mytob.m@MM
    W32/Mytob.bs@MM
    W32/Mytob.de@MM
    W32/Mytob.cb@MM
    W32/Mytob.do@MM
    W32/Mytob.dl@MM
    W32/Mytob.h@MM
    W32/Mytob.j@MM
    W32/Mytob.l@MM
    W32/Mytob.o@MM
    W32/Mytob.t@MM
    W32/Mytob.x@MM
    W32/Mytob.y@MM
    W32/Mytob.cr@MM
    W32/Mytob.cl@MM
    W32/Mytob.ci@MM
    W32/Mytob.cx@MM
    W32/Mytob.cy@MM
    W32/Mytob.dn@MM
    W32/Mytob.ei@MM
    W32/Mytob.aa@MM
    W32/Mytob.ad@MM
    W32/Mytob.dw@MM
    W32/Mytob.dv@MM
    W32/Mytob.du@MM
    W32/Mytob.aj@MM
    W32/Mytob.z@MM
    W32/Mytob.hq@MM
    W32/Mytob.eg@MM
    W32/Mytob.ho@MM
    W32/Mytob.hn@MM
    W32/Mytob.hk@MM
    W32/Mytob.hm@MM
    W32/Mytob.hj@MM
    W32/Loosky.e@MM
    W32/Mytob.ha@MM
    W32/Mytob.em@MM
    W32/Mytob.en@MM
  Email Generic (3)
    W32/Mytob.gen@MM
    W32/Loosky.gen@mm
    W32/Feebs.gen@MM
  Generic (2)
    W32/Loosky.gen
    W32/Nopir.gen
  Generic Worm (4)
    W32/Sdbot.worm.gen.h
    W32/Kelvir.worm.gen
    W32/Sdbot.worm.gen.bh
    W32/Sdbot.worm.gen.ac
  Internet Worm (3)
    W32/Kelvir.worm.bh
    W32/Kelvir.worm.f
    W32/Bropia.worm.aj
  mIRC Worm (1)
    MIRC/Generic
  P2P Worm (1)
    W32/Bactera.worm!p2p
  Peer To Peer Worm (1)
    W32/Steam.worm!p2p
  Script Worm (1)
    W32/Crumpet.worm.bat
  Win32 (3)
    W32/Feebs!rootkit
    W32/Loosky!proxy
    W32/Loosky!backdoor
  Worm (60)
    W32/Kelvir.worm.eo
    W32/Kelvir.worm.ex
    W32/Kelvir.worm.al
    W32/Kelvir.worm.ap
    W32/Kelvir.worm.an
    W32/Bropia.worm.al
    W32/Bropia.worm.ak
    W32/Kelvir.worm.ao
    W32/Kelvir.worm.am
    W32/Bropia.worm.am
    W32/Kelvir.worm.ec
    W32/Kelvir.worm.ax
    W32/Bropia.worm.ao
    W32/Bropia.worm.an
    W32/Kelvir.worm.az
    W32/Kelvir.worm.ba
    W32/Kelvir.worm.ay
    W32/Bropia.worm.ar
    W32/Kelvir.worm.bg
    W32/Kelvir.worm.e
    W32/Bropia.worm.ba
    W32/Bropia.worm.az
    W32/Bropia.worm.ay
    W32/Bropia.worm.ax
    W32/Bropia.worm.bb
    W32/Crumpet.worm
    W32/Kelvir.worm.ca
    W32/Bropia.worm.bd
    W32/Kelvir.worm.ci
    W32/Kelvir.worm.i
    W32/Bropia.worm
    W32/Kelvir.worm.o
    W32/Kelvir.worm.p
    W32/Kelvir.worm.l
    W32/Kelvir.worm.ch
    W32/Bropia.worm.be
    W32/Bropia.worm.bg
    W32/Kelvir.worm.q
    W32/Kelvir.worm.w
    W32/Bropia.worm.bh
    W32/Kelvir.worm.cu
    W32/Kelvir.worm.da
    W32/Kelvir.worm.cz
    W32/Kelvir.worm.dd
    W32/Kelvir.worm.cq
    W32/Kelvir.worm.cv
    W32/Kelvir.worm.cx
    W32/Kelvir.worm.cy
    W32/Bropia.worm.ag
    W32/Kelvir.worm.ac
    W32/Kelvir.worm.aj
    W32/Kelvir.worm.ai
    W32/Bropia.worm.ah
    W32/Bropia.worm.ai
    W32/Kelvir.worm.db
    W32/Kelvir.worm.gc
    W32/Bropia.worm.bz
    W32/Bropia.worm.br
    W32/Kelvir.worm.dy
    W32/Bropia.worm.bs

Friday, May 05, 2006

Virus Updates for May 5th, 2006

DAT Version:4756
DAT Release Date:5-5-2006
Threats Detected:189,044
New Detections:0
Enhanced Detections:17



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections | Enhanced detections
None :D
Trojan (7)
  Downloader (1)
    Downloader-QO
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (5)
    New Malware.j
    New Malware.aj
    New Malware.ah
    New Malware.ab
    New Malware.y
Virus (10)
  Damaged Worm (1)
    W32/Gaobot.worm.dam
  Email Generic (1)
    W32/Feebs.gen@MM
  Floppy (1)
    W32/Generic!floppy
  Generic Worm (2)
    W32/Gaobot.worm.gen.e
    W32/Sdbot.worm.gen.h
  Internet Worm (1)
    New Worm
  Win32 (4)
    W32/Generic.d
    W32/Generic!msn
    W32/Generic!im
    W32/Feebs!rootkit

Thursday, May 04, 2006

Viruses for 5-4-2006

DAT Version:4755
DAT Release Date:5-4-2006
Threats Detected:188938
New Detections:18
Enhanced Detections:233



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Full list

New Detections | Enhanced detections
Internet Worm (1)
  E-mail (1)
    W32/Kidala.b@MM
Program (2)
  Keylogger (1)
    Keylog-PKL
  Win32 (1)
    iDealBrowser
Trojan (5)
   (1)
    SymbOS/Drever.d!sis
  Downloader (1)
    BackDoor-CMQ.dldr
  Remote Access (2)
    BackDoor-CZO
    BackDoor-CZP
  Win32 (1)
    Generic Del.e
Virus (10)
   (7)
    SymbOS/Skulls.cl!sis
    SymbOS/Skulls.cm!sis
    SymbOS/Skulls.ck!sis
    SymbOS/Cabir.ag
    SymbOS/Cabir!ezboot.ag
    SymbOS/Cabir.af!sis
    SymbOS/Cabir.ag!sis
  Damaged (1)
    SymbOS/Cabir.af.dam
  Email Generic (1)
    JS/Feebs.gen.i@MM
  Win32 (1)
    W32/Polip!mem
Malware (1)
  Exploit (1)
    Exploit-CodeBase
Program (5)
  Dialer (1)
    Dialer-Generic.e
  Dropper (1)
    Adware-Henbang.dr
  Malware Tool (1)
    PWCrack-MPass
  Registry (1)
    E2Give
  Win32 (1)
    CasOnline
Trojan (42)
   (5)
    SymbOS/Drever.c!sis
    SymbOS/Drever.b!sis
    SymbOS/Drever.a!ezboot
    SymbOS/Drever.a!sis
    SymbOS/Drever!ezboot
  Application extension (3)
    Keylog-HKH.dll
    Puper.dll
    PWS-Goldun.dll
  Downloader (9)
    BackDoor-CKB.dldr
    Downloader-AVT
    Downloader-XC
    PWS-Banker.dldr
    Downloader-ABU
    Downloader-ACH
    Downloader-AVS
    Downloader-ZQ
    Downloader-QM
  Dropper (2)
    Puper.dr
    PWS-Banker.dr.a
  Generic (4)
    Exploit-CodeBase.gen
    SymbOS/Drever.gen
    PWS-Banker.gen.g
    Spam-Mailbot.gen
  Generic Worm (1)
    W32/Sdbot.worm.gen.ax
  Heuristic (2)
    New RootKit
    New Malware.n
  Password (1)
    PWS-LDPinch
  Password Stealer (4)
    PWS-JA
    PWS-Banker.gen.i
    PWS-Goldun.sys
    PWS-Goldun
  Remote Access (5)
    BackDoor-BAC
    BackDoor-CMQ
    BackDoor-CMI
    BackDoor-CES
    BackDoor-CKB
  Script (1)
    Generic component
  Win32 (5)
    Puper
    Generic Downloader.af
    Generic Downloader.x
    Generic PWS.o
    Generic Downloader.ab
Virus (185)
(120)
SymbOS/Skulls.ci!ezboot
SymbOS/Skulls.br!sis
SymbOS/Skulls.bn!sis
SymbOS/Skulls.bj!sis
SymbOS/Cabir.x
SymbOS/Skulls.bt!sis
SymbOS/Skulls.bp!sis
SymbOS/Skulls.bm!sis
SymbOS/Skulls.bl!sis
SymbOS/Cabir.ab
SymbOS/Cabir!ezboot.ab
SymbOS/Cabir.ab!sis
SymbOS/Cabir!lasco
SymbOS/Cabir.v
SymbOS/Cabir!ezboot.v
SymbOS/Skulls.cb!sis
SymbOS/Skulls.bw!sis
SymbOS/Skulls.bv!sis
SymbOS/Cabir.y
SymbOS/Cabir!ezboot.y
SymbOS/Skulls.cj!sis
SymbOS/Cabir.z
SymbOS/Cabir!ezboot.w
SymbOS/Cabir.w
SymbOS/Cabir.ac
SymbOS/Cabir.ac!sis
SymbOS/Cabir!ezboot.ac
SymbOS/Skulls.bx!sis
SymbOS/Skulls.bh!sis
SymbOS/Skulls.bf!sis
SymbOS/Skulls.bd!sis
SymbOS/Skulls.bb!sis
SymbOS/Skulls.ba!sis
SymbOS/Skulls.as!sis
SymbOS/Skulls.ar!sis
SymbOS/Skulls.aq!sis
SymbOS/Skulls.ap!sis
SymbOS/Skulls.ao!sis
SymbOS/Skulls.an!sis
SymbOS/Skulls.am!sis
SymbOS/Skulls.al!sis
SymbOS/Skulls.ak!sis
SymbOS/Skulls.aj!sis
SymbOS/Skulls.ai!sis
SymbOS/Skulls.ah!sis
SymbOS/Skulls.ag!sis
SymbOS/Skulls.ac!sis
SymbOS/Skulls.aa!sis
SymbOS/Skulls.z!sis
SymbOS/Skulls.y!sis
SymbOS/Skulls.x!sis
SymbOS/Skulls.v!sis
SymbOS/Skulls.t!sis
SymbOS/Skulls.r!sis
SymbOS/Skulls.p!sis
SymbOS/Skulls.n!sis
SymbOS/Skulls.l!sis
SymbOS/Skulls.j!sis
SymbOS/Cabir!ezboot.e
SymbOS/Cabir!ezboot.d
SymbOS/Cabir!ezboot.c
SymbOS/Cabir!ezboot
SymbOS/Skulls.bg!sis
SymbOS/Skulls.be!sis
SymbOS/Skulls.bc!sis
SymbOS/Skulls.az!sis
SymbOS/Skulls.ay!sis
SymbOS/Skulls.ax!sis
SymbOS/Skulls.aw!sis
SymbOS/Skulls.av!sis
SymbOS/Skulls.au!sis
SymbOS/Skulls.at!sis
SymbOS/Skulls.af!sis
SymbOS/Skulls.ae!sis
SymbOS/Skulls.ad!sis
SymbOS/Skulls.ab!sis
SymbOS/Skulls.w!sis
SymbOS/Skulls.u!sis
SymbOS/Skulls.s!sis
SymbOS/Skulls.q!sis
SymbOS/Skulls.o!sis
SymbOS/Skulls.m!sis
SymbOS/Skulls.k!sis
SymbOS/Skulls.bu!sis
SymbOS/Skulls.bs!sis
SymbOS/Skulls.bq!sis
SymbOS/Skulls.bo!sis
SymbOS/Skulls.bk!sis
SymbOS/Skulls.bi!sis
SymbOS/Cabir!ezboot.x
SymbOS/Cabir.ae!sis
SymbOS/Cabir.ae
SymbOS/Cabir!ezboot.ae
SymbOS/Cabir!ezboot.s
SymbOS/Cabir!ezboot.o
SymbOS/Cabir!ezboot.k
SymbOS/Cabir!ezboot.f
SymbOS/Cabir.k!sis
SymbOS/Cabir.i!sis
SymbOS/Cabir.b!sis
SymbOS/Cabir!ezboot.ad
SymbOS/Cabir.g
SymbOS/Cabir.f
SymbOS/Cabir.b
SymbOS/Cabir.a
SymbOS/Cabir!ezboot.t
SymbOS/Cabir!ezboot.r
SymbOS/Cabir.m
SymbOS/Cabir.k
SymbOS/Cabir!ezboot.q
SymbOS/Cabir!ezboot.p
SymbOS/Cabir!ezboot.n
SymbOS/Cabir.l!sis
SymbOS/Cabir.j!sis
SymbOS/Cabir.h!sis
SymbOS/Cabir.u
SymbOS/Cabir.ad
SymbOS/Cabir.ad!sis
SymbOS/Cabir.aa
SymbOS/Cabir!ezboot.aa
Dropper (2)
SymbOS/Cabir.dr
SymbOS/Cabir.dr!skulls
Email Generic (1)
W32/Feebs.gen@MM
Generic (5)
SymbOS/Cabir.gen!sis
W32/IRCbot.gen.c
W32/IRCBot.gen.l
W32/Poebot.gen
SymbOS/Cabir.gen
Generic Worm (3)
W32/Sdbot.worm.gen.n
W32/Sdbot.worm.gen.j
W32/Sdbot.worm.gen.ac
Intended (2)
WM/Minimal.aq.intd
WM/Minimal.ad.intd
Macro (34)
WM/Minimal.X
WM/MINIMAL.P
WM/Minimal.K;L;M;N;O
WM/MINIMAL.G;H;I
WM/MINIMAL.A;B
WM/Minimal.D;E;F;J
WM/Minimal.av
WM/Minimal.at
WM/Minimal.as
WM/Minimal.ar
WM/Minimal.u
WM/Minimal.t
WM/Minimal.s
WM/Minimal.q
WM/Minimal.r
WM/Minimal.w
WM/Minimal.bp
WM/Minimal.bn
WM/Minimal.bl
WM/Minimal.ax
WM/Minimal.au
WM/Minimal.al
WM/Minimal.br
WM/Minimal.bo
WM/Minimal.bm
WM/Minimal.aw
WM/Minimal.ap
WM/Minimal.af
WM/Minimal.ac
WM/Minimal.aa
WM/Minimal.ae
WM/Minimal.z
WM/Minimal.v
WM/Minimal.y
P2P Worm (1)
W32/Polip
PDA Device (14)
SymbOS/Cabir.e
SymbOS/Cabir.c
SymbOS/Cabir.h
SymbOS/Cabir.d
SymbOS/Cabir.t
SymbOS/Cabir.r
SymbOS/Cabir.p
SymbOS/Cabir.n
SymbOS/Cabir.l
SymbOS/Cabir.s
SymbOS/Cabir.q
SymbOS/Cabir.o
SymbOS/Cabir.i
SymbOS/Cabir.j
Win32 (1)
W32/Feebs!rootkit
Worm (2)
W32/Generic.worm!im
W32/Opanki.worm

Wednesday, May 03, 2006

Virus Updates for May 3, 2006

DAT Version:4754
DAT Release Date:5-3-2006
Threats Detected:188278
New Detections:9
Enhanced Detections:192



Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.

Noteworthy threats are those that had an AVERT risk assessment of Low-Profiled, Medium, Medium-On-Watch, High, or High-Outbreak at the time of DAT release.

Full list

New Detections
Program (1)
Adware (1)
Adware-Boarim
Trojan (6)
Downloader (2)
BackDoor-CKB.dldr
Downloader-AVY
Generic (1)
Downloader-AAP.gen
Remote Access (1)
BackDoor-CZN
StartPage (1)
StartPage-JH
Win32 (1)
Generic Delphi.c
Virus (2)
Win32 (2)
W32/Massflag!enc
W32/Massflag

Enhanced detections
Malware (1)
Exploit (1)
Unix/Exploit-IIS
Program (13)
(2)
VText.2a
VMag46
Adware (5)
Adware-MWS
Adware-BuddyLinks
Adware-WMS
Adware-Exactsearch
Adware-DropSpam
Dropper (2)
NDotNet.dr
Adware-ExactSearch.dr
Generic (1)
Dialer-RAS.dw.gen
Malware Tool (2)
VTool/dai1
VTool/dvl
Win32 (1)
HiddenRun
Trojan (49)
(2)
Generic BackDoor.bb
Generic Proxy.h
Application extension (3)
Downloader-DA.dll
PWS-Legmir.dll
Puper.dll
Configuration settings (1)
HackerDefender.ini
Downloader (6)
Downloader-AAP
PWS-Banker.dldr
Downloader-AVS
Downloader-ZQ
Downloader-ASH
Downloader-AQW
Dropper (1)
BackDoor-CKB.dr
Exploit (1)
JS/Exploit-DDay
Generic (2)
BackDoor-BAC.gen
PWS-Banker.gen.bb
Heuristic (3)
New Malware.n
New Malware.j
New Malware.aj
Internet Relay Chat (1)
IRC/Flood.m
Password Stealer (6)
PWS-QQRob
PWS-Banker.gen.ba
PWS-Banker.gen.i
PWS-Banker.gen.h
PWS-Banker.bh
PWS-Banker.au
Remote Access (7)
BackDoor-AWQ.b
BackDoor-ALD
BackDoor-CKB.sys
BackDoor-CYI
BackDoor-CXL
BackDoor-CMQ
BackDoor-CKB
Script (3)
VBS/Piky
JS/Binghu
Generic component
Spam (1)
Spam-Loot
StartPage (1)
StartPage-IU
Win32 (11)
Generic Downloader.a
Generic BackDoor.b
Generic Downloader.c
DollarRevenue
Generic Downloader.p
Puper
Swizzor
Generic PWS.o
Generic BackDoor.u
Generic Downloader.ab
Generic AdClicker.d
Virus (129)
(1)
HLL.5612b
Damaged (3)
W32/Lirva.dam
W32/Mimail.dam
W32/Mytob.dam
Damaged Dropper (1)
W32/Pate.dr.dam
Dropper (1)
W32/Pate.dr
E-mail (1)
W32/Mytob.gr@MM
Email (71)
W32/Mytob.ao@MM
W32/Mytob.al@MM
W32/Mytob.ew@MM
W32/Mytob.fa@MM
W32/Mytob.ft@MM
W32/Mytob.fs@MM
W32/Mytob.aw@MM
W32/Mytob.fr@MM
W32/Mytob.ba@MM
W32/Mytob.bc@MM
W32/Mytob.bb@MM
W32/Mytob.bd@MM
W32/Mytob.id@MM
W32/Mytob.fu@MM
W32/Mytob.fw@MM
W32/Mytob.fv@MM
W32/Mytob.ge@MM
W32/Mytob.go@MM
W32/Mytob.bu@MM
W32/Mytob.bq@MM
W32/Mytob.by@MM
W32/Mytob.cq@MM
W32/Mytob.ck@MM
W32/Mytob.fz@MM
W32/Mytob.gf@MM
W32/Mytob.gn@MM
W32/Mytob.gp@MM
W32/Mytob.cw@MM
W32/Mytob.p@MM
W32/Mytob.i@MM
W32/Mytob.k@MM
W32/Mytob.r@MM
W32/Mytob.gm@MM
W32/Mytob.gs@MM
W32/Mytob.m@MM
W32/Mytob.bs@MM
W32/Mytob.de@MM
W32/Mytob.cb@MM
W32/Mytob.do@MM
W32/Mytob.dl@MM
W32/Mytob.h@MM
W32/Mytob.j@MM
W32/Mytob.l@MM
W32/Mytob.o@MM
W32/Mytob.t@MM
W32/Mytob.x@MM
W32/Mytob.y@MM
W32/Mytob.cr@MM
W32/Mytob.cl@MM
W32/Mytob.ci@MM
W32/Mytob.cx@MM
W32/Mytob.cy@MM
W32/Mytob.dn@MM
W32/Mytob.ei@MM
W32/Mytob.aa@MM
W32/Mytob.ad@MM
W32/Mytob.dw@MM
W32/Mytob.dv@MM
W32/Mytob.du@MM
W32/Mytob.aj@MM
W32/Mytob.z@MM
W32/Mytob.hq@MM
W32/Mytob.eg@MM
W32/Mytob.ho@MM
W32/Mytob.hn@MM
W32/Mytob.hk@MM
W32/Mytob.hm@MM
W32/Mytob.hj@MM
W32/Mytob.ha@MM
W32/Mytob.em@MM
W32/Mytob.en@MM
Email Generic (1)
W32/Mytob.gen@MM
Generic (3)
Bat/BWG.gen
W32/Alcop.gen
W32/Poebot.gen
Generic Worm (6)
W32/EnerKaz.worm.gen
W32/Sdbot.worm.gen.h
W32/Sdbot.worm.gen.x
W32/Sdbot.worm.gen.ae
W32/Sdbot.worm.gen.ag
W32/Sdbot.worm.gen.ac
Intended (2)
WM/Minimal.aq.intd
WM/Minimal.ad.intd
Internet Worm (1)
W32/XTC@MM
Macro (34)
WM/Minimal.X
WM/MINIMAL.P
WM/Minimal.K;L;M;N;O
WM/MINIMAL.G;H;I
WM/MINIMAL.A;B
WM/Minimal.D;E;F;J
WM/Minimal.av
WM/Minimal.at
WM/Minimal.as
WM/Minimal.ar
WM/Minimal.u
WM/Minimal.t
WM/Minimal.s
WM/Minimal.q
WM/Minimal.r
WM/Minimal.w
WM/Minimal.bp
WM/Minimal.bn
WM/Minimal.bl
WM/Minimal.ax
WM/Minimal.au
WM/Minimal.al
WM/Minimal.br
WM/Minimal.bo
WM/Minimal.bm
WM/Minimal.aw
WM/Minimal.ap
WM/Minimal.af
WM/Minimal.ac
WM/Minimal.aa
WM/Minimal.ae
WM/Minimal.z
WM/Minimal.v
WM/Minimal.y
Script (1)
Bat/cmn
Win32 (2)
W32/Alcaul.d
W32/Dreform
Worm (1)
W32/Dervise.worm

We are back in action

I had to switch to McAfee and get it figured out. Took me a while to find a list of changes with each update. Looks like I need to check a website for changes daily. When I see changes, I will post them here. The website I will be going to is http://vil.nai.com/vil/DATReadme.aspx.


Good News:
  • Threats are now links that provide more information on that threat.
  • Threats now include malware in general. Before, only trojans, worms, and viruses were listed. The new information should now include spyware and perhaps more.

Bad news:
  • The columns for Deleted threats and Renamed threats are gone. McAfee does not provide this information.
  • I do need to check regularly to keep this Blog up-to-date. Sorry.
  • Virus names will not match those in older posts.

Saturday, April 01, 2006

Virus Updates for 3-31-2006

Just one change today: A new virus was found. It was SYMBOS_FLEXSPY.A.

Wednesday, March 29, 2006

Virus Updates found on 3-29-2006

New Viruses

Number of New Viruses: 193

A2KM_DROPPER.AVI
BAT_BVC.A
BAT_BWG.AH
BAT_COPYALL.A
BAT_COPYKAZ.B
BAT_COPYKAZ.C
BAT_CYBRPHUC.A
BAT_DELTREE.AF
BAT_DELTREE.AG
BAT_DELTREE.AH
BAT_DELTREE.AI
BAT_DMENU.AA
BAT_DMENU.M
BAT_DMENU.N
BAT_DMENU.P
BAT_DMENU.Q
BAT_DMENU.R
BAT_DMENU.S
BAT_DMENU.T
BAT_DMENU.U
BAT_DMENU.V
BAT_DMENU.W
BAT_DMENU.X
BAT_DMENU.Y
BAT_DMENU.Z
BAT_HOTTOTROT.A
BAT_LOOP.J
BAT_OOH.A
BAT_SNOITAL.B
BKDR_AGENT.BBQ
BKDR_BIFROSE.GI
BKDR_BIONET.AL
BKDR_DELF.AYT
BKDR_FANTADOR.D
BKDR_GALAPOPE.A
BKDR_GRAYBIRD.IT
BKDR_GRAYBIRD.NZ
BKDR_HAXDOOR.FB
BKDR_HAXDOOR.FF
BKDR_HESIB.G
BKDR_HUPIGON.AOO
BKDR_HUPIGON.APJ
BKDR_SHELLBOT.AQ
BKDR_VB.ALQ
CHM_DROPPER.AVH
HTML_HARNIG.AF
HTML_MHTREDIR.GI
JS_ASTROLOGY.B
JS_EXCEPTION.AB
JS_FEEBS.AN
JS_PHEL.GA
JS_PHEL.GS
PERL_XPLOIT.E
REG_WISIS.V
TROJ_AGENT.AQT
TROJ_AGENT.BOW
TROJ_AGENT.BPP
TROJ_AGENT.BPR
TROJ_AGENT.BPS
TROJ_AGENT.BPT
TROJ_AGP.J
TROJ_BANLOAD.LZ
TROJ_BANLOAD.MO
TROJ_BANLOAD.NY
TROJ_BANLOAD.QR
TROJ_BANLOAD.QS
TROJ_BANLOAD.QT
TROJ_BANLOAD.QU
TROJ_BANLOAD.RB
TROJ_BANLOAD.RV
TROJ_BONDING.A
TROJ_CLICKER.JL
TROJ_DELF.BCC
TROJ_DLOAD.DAM
TROJ_DLOADER.CKA
TROJ_DLOADER.COG
TROJ_DLOADER.CPI
TROJ_DLOADER.CPJ
TROJ_DLOADER.CPK
TROJ_DLOADER.CPL
TROJ_DLOADER.CPP
TROJ_DLOADER.CPQ
TROJ_DLOADER.CPT
TROJ_DMENU.O
TROJ_DOWNLOAD.CX
TROJ_DROPPER.ASW
TROJ_DRSMARTL.AA
TROJ_DRSMARTL.Z
TROJ_HACKDEFEN.H
TROJ_HUPIGON.AKT
TROJ_IEFEAT.AC
TROJ_IRCBA.B
TROJ_ISTBAR.ID
TROJ_ISTBAR.IG
TROJ_LDPINCH.IL
TROJ_NI.D
TROJ_PAKES.CE
TROJ_PROXY.FR
TROJ_QQHELPER.AN
TROJ_QQPASS.SP
TROJ_SMALL.BMQ
TROJ_SMALL.BMV
TROJ_SMALL.BNS
TROJ_SMALL.BNV
TROJ_STARTPA.DN
TROJ_TC.B
TROJ_UNIV.T
TROJ_UNSAFE.A
TROJ_VANTI.BC
TROJ_VB.AMG
TROJ_VB.AMH
TROJ_VB.AMI
TROJ_WINSHOW.AW
TROJ_WOPLA.R
TROJ_WOPLA.S
TROJ_ZAPCHAST.CT
TROJ_ZLOB.JO
TSPY_AGENT.BPU
TSPY_AOLPASS.F
TSPY_BANBRA.IC
TSPY_BANCOS.CJM
TSPY_BANCOS.CJN
TSPY_BANCOS.CJO
TSPY_BANCOS.CJP
TSPY_BANCOS.CJQ
TSPY_BANCOS.CJR
TSPY_BANKER.CTA
TSPY_BANKER.CTB
TSPY_BANKER.CTC
TSPY_BANKER.CTO
TSPY_BANKER.CTP
TSPY_BANKER.CTQ
TSPY_DELF.BCE
TSPY_DELF.BCI
TSPY_DELF.BCT
TSPY_DELF.BCU
TSPY_FOLIN.AO
TSPY_GEPOST.A
TSPY_KAPOD.AV
TSPY_LDPINCH.HZ
TSPY_LDPINCH.IK
TSPY_LEGMIR.KI
TSPY_LEGMIR.KK
TSPY_LINEAGE.AFZ
TSPY_LINEAGE.AGR
TSPY_LINEAGE.AGS
TSPY_LINEAGE.AGT
TSPY_LINEAGE.AGU
TSPY_LMIR.RU
TSPY_LMIR.UA
TSPY_QQROB.TI
VBS_BAHLAN.B
VBS_BEBOP.C
VBS_BLEED.K
VBS_BOMGEN.AG
VBS_BONDING.A
VBS_EVAN.B
VBS_EVAN.C
VBS_NEVESC.D
VBS_PHEL.GI
VBS_REDLOF.S
VBS_SHEEP.F
VBS_VBSWG.AK
VBS_VBSWG.AP
VBS_ZELDA.B
WORM_AGOBOT.AGY
WORM_BRONTOK.BN
WORM_IRCBOT.FT
WORM_LOCKSKY.AZ
WORM_MARIO.C
WORM_MYTOB.PF
WORM_RBOT.AQB
WORM_RBOT.ARC
WORM_RBOT.ARE
WORM_RBOT.ARS
WORM_RBOT.ARU
WORM_RBOT.EJV
WORM_RBOT.ITE
WORM_RBOT.YC
WORM_RBOT.YD
WORM_RBOT.YI
WORM_RONTOKBR.AT
WORM_SDBOT.DQW
WORM_SDBOT.DTT
WORM_SDBOT.JPG
WORM_SDBOT.JPH
WORM_SPYBOT.DP
WORM_TOXBOT.C
WORM_TRAXG.BD
WORM_TRAXG.BE
WORM_WUKILL.AE
WORM_WUKILL.AF
WORM_ZEVITY.C

Renamed Viruses

1 Renamed Viruses

TROJ_AGENT.BNM = WORM_IRCBOT.GJ

Updated Viruses

19 Changed Viruses

BKDR_GENERIC
BKDR_HUPIGON.KG
BKDR_PRORAT.A
JS_BINGHU.C
TROJ_ADCLICKE.AJ
TROJ_BAGLE.DG
TROJ_BAGLE.DM
TROJ_DELF.AXE
TROJ_DLOADER.BXQ
TROJ_GENERIC
TROJ_IEFEAT.AB
TROJ_NAIL.A
TROJ_NAILPOL.A
TSPY_DELF.ATV
TSPY_GENERIC
TSPY_LINEAGE.YF
WORM_FLOR.A
WORM_WUKILL.C
WORM_WUKILL.E

Deleted Viruses

No Deleted Viruses

EXPL_TXTRANGE.B
TROJ_DLOADER.COZ    (replaced with ADW_BORLAN.A)
TSPY_AGENT.AWN        (replaced with ADW_OURXIN.B)
WORM_BRONTOK.BN

Viruses for 3-28-2006

New Viruses

Number of New Viruses: 320

BAT_COPYBAT.AB
BAT_DIMO2.A
BAT_DIMO2.B
BAT_SILLY.BQ
BKDR_AGENT.BKF
BKDR_AGENT.BPN
BKDR_AGENT.BPR
BKDR_ARR.AH
BKDR_AWQ.AI
BKDR_BBR.B
BKDR_BEASTDR.AI
BKDR_BIFROSE.DV
BKDR_BIFROSE.FC
BKDR_BKK.A
BKDR_CKB.AT
BKDR_CPI.AI
BKDR_CPI.AL
BKDR_CQJ.D
BKDR_CYB.A
BKDR_DELF.ANN
BKDR_DELF.ASH
BKDR_EXDIS.B
BKDR_FIREFLY.W
BKDR_GRAYBIRD.NK
BKDR_GRAYBIRD.NQ
BKDR_GRAYBIRD.NR
BKDR_GRAYBIRD.NS
BKDR_GRAYBIRD.NY
BKDR_HACDEF.DK
BKDR_HACDEF.DN
BKDR_HACKDEFEN.G
BKDR_HAXDOOR.FA
BKDR_HAXDOOR.FC
BKDR_HAXDOOR.FD
BKDR_HAXDOOR.FE
BKDR_HUPIGON.APD
BKDR_HUPIGON.APE
BKDR_HUPIGON.APF
BKDR_HUPIGON.APG
BKDR_HUPIGON.APH
BKDR_HUPIGON.API
BKDR_JRO.B
BKDR_JVL.A
BKDR_NET.V
BKDR_OPTIX.AM
BKDR_PCCLIENT.GH
BKDR_POEBOT.AO
BKDR_SOLUFINA.A
CHM_JOINER.CL
HTML_CODEBASE.BC
HTML_DLOADER.CPE
HTML_OBSCURED.B
HTML_OBSCURED.C
IRC_ZAPCHAST.CU
JS_BINGHU.C
JS_DOGREV.AA
JS_EXPLOIT.AC
JS_FEEBS.BB
JS_PHEL.GO
JS_PSYME.CB
PE_ZAWEX.C
PHP_SERVU.CT
PHP_STORBS.A
REG_STRTPAGE.C
TROJ_AAB.A
TROJ_ABU.H
TROJ_ABU.J
TROJ_ABWIZ.Y
TROJ_ADCLICKE.AO
TROJ_ADLOAD.CG
TROJ_ADLOAD.CH
TROJ_AGENT.BPL
TROJ_AGENT.BPM
TROJ_AGENT.BPO
TROJ_AGENT.BPQ
TROJ_ANI.N
TROJ_BAC.AI
TROJ_BANKER.CTD
TROJ_BANKER.CTE
TROJ_BANKER.CTF
TROJ_BANLOAD.LT
TROJ_BANLOAD.LV
TROJ_BANLOAD.LW
TROJ_BANLOAD.LX
TROJ_BANLOAD.LY
TROJ_BANLOAD.NJ
TROJ_BANLOAD.SU
TROJ_BANLOAD.TD
TROJ_BG.C
TROJ_BOOKMARK.T
TROJ_BOOTCONF.C
TROJ_BOOTCONF.D
TROJ_BUK.A
TROJ_CDC.B
TROJ_CLICKER.JK
TROJ_CLK.AB
TROJ_DELF.ALG
TROJ_DIALER.EC
TROJ_DLOADER.CLE
TROJ_DLOADER.CNF
TROJ_DLOADER.CNG
TROJ_DLOADER.CNH
TROJ_DLOADER.CNJ
TROJ_DLOADER.CNW
TROJ_DLOADER.COS
TROJ_DLOADER.COT
TROJ_DLOADER.COV
TROJ_DLOADER.COW
TROJ_DLOADER.COX
TROJ_DLOADER.COY
TROJ_DLOADER.COZ
TROJ_DLOADER.CPA
TROJ_DLOADER.CPB
TROJ_DLOADER.CPC
TROJ_DLOADER.CPD
TROJ_DLOADER.CPF
TROJ_DOWNLOAD.DS
TROJ_DOWNLOAD.DU
TROJ_DOWNLOAD.DV
TROJ_DOWNLOAD.DW
TROJ_DOWNLOAD.DX
TROJ_DOWNLOAD.DZ
TROJ_DOWNLOAD.EA
TROJ_DOWNLOAD.EB
TROJ_DOWNLOAD.EC
TROJ_DOWNLOAD.ED
TROJ_DOWNLOAD.EE
TROJ_DOWNLOAD.EF
TROJ_DOWNLOAD.EG
TROJ_DOWNLOAD.EH
TROJ_DOWNLOAD.EI
TROJ_DOWNLOAD.EK
TROJ_DOWNLOAD.EL
TROJ_DOWNLOAD.EM
TROJ_DOWNLOAD.EN
TROJ_DOWNLOAD.EO
TROJ_DOWNLOAD.ES
TROJ_DROPPER.AUQ
TROJ_DROPPER.AWG
TROJ_DROPPER.AWJ
TROJ_DROPPER.AWK
TROJ_DROPPER.AWL
TROJ_DROPPER.AWM
TROJ_DROPPER.AWN
TROJ_DROPPER.AWO
TROJ_DROPPER.AWP
TROJ_DROPPER.AWQ
TROJ_DROPPER.AWS
TROJ_EX.C
TROJ_FRE.A
TROJ_GALAPOPER.Z
TROJ_GOLDUN.DJ
TROJ_GOLDUN.DK
TROJ_GOLDUN.DM
TROJ_GWGHOST.AF
TROJ_HACDEF.DM
TROJ_IEFEAT.AB
TROJ_IG.B
TROJ_INJECT.E
TROJ_KAKKEYS.P
TROJ_KEYLOGGE.F
TROJ_KEYLOGGE.G
TROJ_KEYLOGGE.H
TROJ_KEYLOGGE.I
TROJ_KEYLOGGE.J
TROJ_KEYLOGGE.K
TROJ_KEYLOGGE.L
TROJ_KUANG.AA
TROJ_LDPINCH.IG
TROJ_LEGENDMIR.W
TROJ_LIKMET.B
TROJ_LOWZONES.GR
TROJ_LOWZONES.GT
TROJ_LOWZONES.GU
TROJ_METAFISHE.E
TROJ_MITGLIED.AK
TROJ_MULDROP.HH
TROJ_NI.C
TROJ_NULLPOS.D
TROJ_ORSE.AD
TROJ_OS.A
TROJ_P2E.AO
TROJ_PAKES.AZ
TROJ_PRORAT.BV
TROJ_PROXY.FP
TROJ_PROXY.FQ
TROJ_PUPER.BZ
TROJ_PURITY.K
TROJ_QHOSTS.AF
TROJ_QQROB.TB
TROJ_QQROB.TE
TROJ_RENOS.AG
TROJ_SILLYFDC.R
TROJ_SMALL.BLU
TROJ_SMALL.BLW
TROJ_SMALL.BLY
TROJ_SMALL.BMG
TROJ_SMALL.BNR
TROJ_SPYCRED.A
TROJ_STARTPA.GG
TROJ_STARTPA.GH
TROJ_SWIZZOR.KM
TROJ_SWIZZOR.KN
TROJ_SWIZZOR.KO
TROJ_SWIZZOR.KP
TROJ_SWIZZOR.KQ
TROJ_SWIZZOR.KR
TROJ_TE.B
TROJ_TIBS.BY
TROJ_TIBS.BZ
TROJ_TIBS.CA
TROJ_TIBS.CD
TROJ_TIBS.CE
TROJ_TIBS.CF
TROJ_TIBS.CG
TROJ_TINY.AV
TROJ_VANTI.BB
TROJ_VB.AJJ
TROJ_VB.AJM
TROJ_VB.ALN
TROJ_VIPGSM.AL
TROJ_VS.AE
TROJ_VS.AF
TROJ_VS.AG
TROJ_VS.AH
TROJ_VS.AI
TROJ_VS.AJ
TROJ_VS.AK
TROJ_VS.AL
TROJ_VS.AM
TROJ_VS.AN
TROJ_VS.AO
TROJ_VX.C
TROJ_YZ.E
TROJ_ZLOB.JI
TROJ_ZLOB.JJ
TROJ_ZLOB.JK
TROJ_ZLOB.JL
TROJ_ZLOB.JM
TSPY_AGENT.BMS
TSPY_AGENT.BPP
TSPY_BANBRA.HO
TSPY_BANBRA.HP
TSPY_BANBRA.HQ
TSPY_BANBRA.HR
TSPY_BANBRA.HS
TSPY_BANBRA.HU
TSPY_BANBRA.HV
TSPY_BANBRA.HW
TSPY_BANBRA.HX
TSPY_BANBRA.HY
TSPY_BANBRA.HZ
TSPY_BANBRA.IA
TSPY_BANBRA.IB
TSPY_BANCOS.CHT
TSPY_BANCOS.CJB
TSPY_BANCOS.CJC
TSPY_BANKER.CIE
TSPY_BANKER.CNH
TSPY_BANKER.CQY
TSPY_BANKER.CQZ
TSPY_BANKER.CRA
TSPY_BANKER.CSV
TSPY_BANKER.CSW
TSPY_BANKER.CSX
TSPY_BANKER.CSY
TSPY_BANKER.CSZ
TSPY_BANKER.CTH
TSPY_BANKER.CTI
TSPY_BANKER.CTJ
TSPY_BANKER.CTK
TSPY_BANKER.CTL
TSPY_BANKER.CTM
TSPY_BANKER.CTN
TSPY_DELF.BAU
TSPY_GAMANIA.AL
TSPY_GAMANIA.AZ
TSPY_GOLDUN.DH
TSPY_KEYLOG.BI
TSPY_LDPINCH.IC
TSPY_LDPINCH.IE
TSPY_LINEAGE.AGE
TSPY_LINEAGE.AGH
TSPY_LINEAGE.AGI
TSPY_LINEAGE.AGK
TSPY_LINEAGE.AGL
TSPY_LINEAGE.AGM
TSPY_LINEAGE.AGO
TSPY_LINEAGE.AGP
TSPY_QQPASS.RI
TSPY_QQPASS.RM
TSPY_QQPASS.TB
TSPY_QQROB.TA
TSPY_QQROB.TH
TSPY_QQSHOU.CS
TSPY_WOWCRAFT.M
VBS_DLOADER.CNU
VBS_DOGET.B
VBS_LOVELETTE.A
VBS_QHOST.AR
VBS_TAORAO.O
WORM_AGOBOT.ABO
WORM_AGOBOT.UE
WORM_BRONTOK.BJ
WORM_BRONTOK.BL
WORM_FEEBS.BC
WORM_RBOT.API
WORM_RBOT.EJU
WORM_RBOT.VV
WORM_RBOT.WX
WORM_RBOT.YB
WORM_SDBOT.DBM
WORM_SDBOT.DPV
WORM_SDBOT.DPY
WORM_SDBOT.DQC
WORM_SDBOT.DQI
WORM_SDBOT.DSI
WORM_SDBOT.DTS
WORM_SPYBOT.JW
WORM_SPYBOT.MY

Updated Viruses

26 Changed Viruses

BKDR_GENERIC
BKDR_GRAYBIRD.BG
BKDR_HUPIGON.HL
BKDR_NEKOHACK.A
BKDR_RELOAD.E
TROJ_AGENT.ARK
TROJ_DLOADER.BXQ
TROJ_GENERIC
TROJ_LAGER.Z
TROJ_YABE.M
TROJ_ZLOB.FN
TROJ_ZLOB.JB
TSPY_AGENT.BNU
TSPY_BANKER.BBO
TSPY_BANKER.CHO
TSPY_GENERIC
TSPY_LINEAGE.ACH
TSPY_LINEAGE.AEU
TSPY_LINEAGE.XZ
TSPY_LMIR.ST
WORM_GENERIC
WORM_LOVGATE.AU
WORM_LOVGATE.DAM
WORM_RBOT.BRB
WORM_RBOT.DPI
WORM_SDBOT.BMD


Sunday, March 26, 2006

I can now send virus updates.

I finally figured it out. However, the solution was to bypass the editor they provide and send the virus update posts by e-mail. The editor built into the website does not like tables. :(

Virus updates found on 3-25-2006

New Viruses

Number of New Viruses: 267

BAT_KRAZYB.B
BAT_NOSHARE.Z
BAT_WBS.A
BKDR_AGENT.BOL
BKDR_BIFROSE.FA
BKDR_BIFROSE.FB
BKDR_BIFROSE.FM
BKDR_BIFROSE.FO
BKDR_BIFROSE.FP
BKDR_BUBEN.A
BKDR_BUBEN.B
BKDR_CHT.G
BKDR_CUQ.B
BKDR_DARKMOON.AM
BKDR_DELF.AOF
BKDR_GRAYBIRD.LU
BKDR_GRAYBIRD.ND
BKDR_GRAYBIRD.NE
BKDR_GRAYBIRD.NG
BKDR_GRAYBIRD.NH
BKDR_HUPIGON.AHO
BKDR_HUPIGON.AHQ
BKDR_HUPIGON.AMZ
BKDR_HUPIGON.ANI
BKDR_HUPIGON.ANN
BKDR_HUPIGON.ANQ
BKDR_HUPIGON.ANR
BKDR_HUPIGON.ANS
BKDR_IOI.A
BKDR_IPU.A
BKDR_IRC.AA
BKDR_IRCBOT.GI
BKDR_OPTIXPRO.AA
BKDR_ORIFICE.AA
BKDR_POWERSPI.AH
BKDR_ROOTODOR.C
BKDR_RUNAR.B
BKDR_SERVU.CL
BKDR_WINSHELL.AO
BKDR_WISDOOR.BB
BKDR_WISDOOR.BC
BKDR_WISDOR.A
CHM_DROPPER.ANP
CHM_DROPPER.AVV
HTML_CITIFRAUD.Q
HTML_CODEBASE.BD
JOSHI.A
JS_PHEL.FO
JS_PSYME.BZ
JS_STEALUS.I
JS_STEALUS.J
JS_STEALUS.K
LOGKO.A
NECROPHILIA.A
OHIO.A
PAYBACK.G
PERL_IRCBOT.GG
PILGRIM.B
PINGPONG.H
SYMBOS_COMWAR.E
TROJ_ADLOAD.BY
TROJ_AEQ.A
TROJ_AGENT.BLO
TROJ_AGENT.BMW
TROJ_AGENT.BOK
TROJ_AGENT.BOM
TROJ_AGENT.BON
TROJ_AGENT.BOP
TROJ_AGENT.BOQ
TROJ_AGENT.BOR
TROJ_AGENT.BOS
TROJ_ANICMOO.AC
TROJ_BANKER.CPT
TROJ_BANLOAD.PM
TROJ_BANLOAD.PN
TROJ_BANLOAD.QA
TROJ_BANLOAD.QJ
TROJ_BANLOAD.SV
TROJ_BANLOAD.SX
TROJ_BG.B
TROJ_BOROBOT.G
TROJ_CENTIM.AF
TROJ_CENTIM.AG
TROJ_CRYPT.AG
TROJ_DADOBRA.DY
TROJ_DELF.AHL
TROJ_DHIJACK.AD
TROJ_DLOAD.AF
TROJ_DLOAD.AG
TROJ_DLOADER.CIV
TROJ_DLOADER.CIW
TROJ_DLOADER.CIY
TROJ_DLOADER.CLL
TROJ_DLOADER.CMW
TROJ_DLOADER.CMX
TROJ_DLOADER.CMY
TROJ_DLOADER.CMZ
TROJ_DLOADER.CNA
TROJ_DLOADER.CNB
TROJ_DLUCA.AB
TROJ_DOWNLOAD.DC
TROJ_DOWNLOAD.DD
TROJ_DOWNLOAD.DE
TROJ_DROPPER.ATV
TROJ_DROPPER.AVU
TROJ_DROPPER.AVW
TROJ_DROPPER.AVX
TROJ_DROPPER.AVY
TROJ_DROPPER.AWA
TROJ_GOLDUN.DB
TROJ_HAXDOOR.EW
TROJ_HOOK.E
TROJ_HOOK.F
TROJ_LAGER.Z
TROJ_LEMIR.LD
TROJ_LEMIR.LH
TROJ_MULDROP.GV
TROJ_MULJOINER.A
TROJ_PAKES.CD
TROJ_PO.C
TROJ_POLER.N
TROJ_PROXY.FO
TROJ_QOOLOGIC.AM
TROJ_QOOLOGIC.AN
TROJ_QOOLOGIC.AO
TROJ_QQPASS.ST
TROJ_QQPASS.SU
TROJ_QQPASS.SV
TROJ_QQROB.SD
TROJ_QQROB.SL
TROJ_QQROB.VJ
TROJ_RASER.S
TROJ_SMALL.BLA
TROJ_SMALL.BNK
TROJ_SMALL.BNL
TROJ_TINY.AR
TROJ_TINY.AS
TROJ_TORPIG.S
TROJ_VANTI.AW
TROJ_VB.AKG
TROJ_VB.AKH
TROJ_VERYLINCE.B
TROJ_VIXUP.AD
TROJ_VIXUP.AE
TROJ_VIXUP.AF
TROJ_WOW.AE
TROJ_ZAPCHAST.CS
TROJ_ZLOB.HF
TROJ_ZLOB.HG
TROJ_ZLOB.IX
TROJ_ZLOB.IY
TSPY_AGENT.AZW
TSPY_AGENT.BOO
TSPY_BANBRA.GA
TSPY_BANBRA.GC
TSPY_BANBRA.GG
TSPY_BANCOS.CGJ
TSPY_BANCOS.CGK
TSPY_BANCOS.CGL
TSPY_BANCOS.CGN
TSPY_BANCOS.CGO
TSPY_BANCOS.CIO
TSPY_BANCOS.CIP
TSPY_BANCOS.CIQ
TSPY_BANCOS.CIW
TSPY_BANKER.BYE
TSPY_BANKER.CCF
TSPY_BANKER.COF
TSPY_BANKER.COG
TSPY_BANKER.COH
TSPY_BANKER.COI
TSPY_BANKER.CPD
TSPY_BANKER.CPE
TSPY_BANKER.CPF
TSPY_BANKER.CPG
TSPY_BANKER.CPH
TSPY_BANKER.CPI
TSPY_BANKER.CPJ
TSPY_BANKER.CPK
TSPY_BANKER.CPL
TSPY_BANKER.CPM
TSPY_BANKER.CPN
TSPY_BANKER.CPO
TSPY_BANKER.CPP
TSPY_BANKER.CPQ
TSPY_BANKER.CPR
TSPY_BANKER.CPS
TSPY_BANKER.CPY
TSPY_BANKER.CPZ
TSPY_BANKER.CQA
TSPY_BANKER.CQB
TSPY_BANKER.CQC
TSPY_BANLOAD.SW
TSPY_DELF.ATK
TSPY_DELF.AXC
TSPY_GOLDUN.DA
TSPY_HANGAME.AT
TSPY_LINEAGE.ACJ
TSPY_LINEAGE.ADG
TSPY_LINEAGE.AEU
TSPY_LINEAGE.AFE
TSPY_LMIR.QB
TSPY_LMIR.SM
TSPY_LMIR.SP
TSPY_LMIR.SQ
TSPY_LMIR.ST
TSPY_LMIR.TL
TSPY_LMIR.TO
TSPY_LMIR.TR
TSPY_LMIR.TV
TSPY_LMIR.TW
TSPY_LMIR.TX
TSPY_METAFISH.D
TSPY_QQPASS.SR
TSPY_QQPASS.SW
TSPY_QQROB.VL
TSPY_QQROB.VN
TSPY_QQSENDER.I
TSPY_SINOWAL.A
TSPY_STEAM.C
VBS_ACE.AT
VBS_ACE.BG
VBS_CRYSTAL.H
VBS_DLOADER.CMU
VBS_MIRACLE.B
VBS_PHEL.GM
VBS_PHEL.GN
VBS_SMALL.BNI
VBS_TAORAO.N
VBS_YOZIS.C
W97M_LIX.A
WORM_AGOBOT.BDB
WORM_AGOBOT.BDC
WORM_BRONTOK.AY
WORM_BRONTOK.BH
WORM_BRONTOK.BI
WORM_KELVIR.DP
WORM_LEWOR.AM
WORM_MSBLAST.AB
WORM_OPANKI.BX
WORM_POPO.E
WORM_RBOT.AFF
WORM_RBOT.EIT
WORM_RBOT.EIU
WORM_RBOT.EIV
WORM_RBOT.EIX
WORM_RBOT.EIY
WORM_RBOT.EJA
WORM_RBOT.EJG
WORM_RBOT.EJH
WORM_RBOT.EJI
WORM_RBOT.EJJ
WORM_RBOT.EJK
WORM_RBOT.EJM
WORM_REGEL.A
WORM_SDBOT.DRY
WORM_SDBOT.DRZ
WORM_SDBOT.DSA
WORM_SDBOT.JPF
WORM_SDBOT.QC
WORM_SILLY.BP
WORM_SPYBOT.ATN
WORM_SPYBOT.AV
WORM_SPYBOT.CDN
WORM_SPYBOT.CDO
WORM_SPYBOT.CDQ
WORM_VB.AKN

Renamed Viruses

2 Renamed Viruses

TROJ_AGENT.AZW = BKDR_AGENT.BOG
BKDR_IRCBOT.JA = WORM_IRCBOT.GH

Updated Viruses

27 Changed Viruses

BKDR_DELF.AHQ
BKDR_GENERIC
BKDR_HACDEF.DL
BKDR_HUPIGON.ALS
BKDR_NPFECT.A
DDOS_GENERIC
SYMBOS_CABIR.B
SYMBOS_COMWAR.D
TROJ_BAGLE.DM
TROJ_CRYZIP.A
TROJ_DLOADER.BXQ
TROJ_GENERIC
TROJ_RASER.P
TROJ_STERVIS.J
TROJ_TIBS.BQ
TROJ_YABE.M
TSPY_AGENT.BOJ
TSPY_BANKER.BBO
TSPY_GENERIC
TSPY_QQPASS.PM
TSPY_RAGROK.G
WORM_GENERIC
WORM_MYDOOM.BK
WORM_MYTOB.DAM
WORM_RBOT.EIA
WORM_RONTOKBR.AQ
WORM_SDBOT.DLQ

Deleted Viruses

2 Deleted Viruses

WORM_BRONTOK.BF
WORM_SPYBOT.CDL

Saturday, March 25, 2006

Check out my new Security Info forum!!

I have also created a new forum that is related to this Blog. It is intended to help users make their computers more secure and help them stop spam. Both aims will be met through education and user-to-user support of security-type products that are published by companies that do not provide their own security forum.

The root board for my forums: Security Info -- How to Fight Spam and Malware. In the Comments & Suggestions, you can post anonymously. Just be sure you are logged out of the forums first.