8 Mar
BKDR_ARUGIZER.A is a backdoor that can infect a computer through the Energizer USB charger-monitoring software package. BKDR_ARUGIZER.A drops a malicious file in the Windows system folder and also in the software’s installation folder.
Trojan Horse Generic16.CHUU is a heuristic detection for a Trojan that can download and execute other malware from a remote server. Trojan Horse Generic16.CHUU also modifies Internet browser settings, which may redirect the browser to a fake online virus scanner.
6 Mar
Packed.Generic.292 is a generic detection for malicious files that were found associated with the Trojan.FakeAV and Trojan.Zbot families.
6 Mar
Trojan.Arugizer is a Trojan that opens a back door port on the computer, allowing a remote attacker to gain unauthorized access. Trojan.Arugizer can also download and execute additional malicious files from a remote computer and modify system settings upon execution.
5 Mar
Generic.dx!oto is a Trojan that, when executed, connects to the site “whatismyip.com” to retrieve the IP address of the victim’s computer. Generic.dx!oto also injects its malicious code into svchost.exe to connect to the attacker’s designated IP address through remote port 53 and gain access.
5 Mar
Trojan.Mozipowp is a Trojan horse that redirects the Firefox Internet browser whenever the user attempts to visit a web site. Trojan.Mozipowp modifies Web browser settings to display advertisements on the infected computer and monitor the user’s activities while online.
26 Feb
Suspicious.SecTool is a method used to identify totally new malware threats without using the traditional antivirus signatures. Suspicious.SecTool technology was designed to detect malicious software that has been intentionally mutated or morphed by its developers.
25 Feb
Trojan.Digitala is a Trojan horse that connects to a remote location and attempts to download additional malware onto the infected computer.
24 Feb
Bloodhound.Exploit.315 is a general detection used to identify malicious files attempting to exploit the Microsoft PowerPoint ‘LinkedSlideAtom’ Heap Overflow Remote Code Execution Vulnerability as mentioned in BID 38101.
24 Feb
Bloodhound.Exploit.316 is a generic detection for malicious files trying to spread themselves by exploiting the Microsoft PowerPoint ‘OEPlaceholderAtom’ Record Invalid Index Remote Code Execution Vulnerability as mentioned in BID 38103.