Virus

Computer viruses are a broad range of threats that can harm a computer in distinctive ways. Each type of computer virus is made for a specific purpose: attacking the system and attaining its malicious objective.

W32/Conficker!mem

W32/Conficker!mem Detection

W32/Conficker!mem is a heuristic detection for a memory-related worm that may take advantage of the Microsoft Windows Server Service Vulnerability. This virus can download and execute more harmful files on the computer. It modifies the system registry to allow the virus to pass through Windows Firewall. Then it connects to a remote host, from which it downloads the file. Typically, W32/Conficker!mem fetches a file that it uses to update itself. Studies also show that the worm may pull down other malware that it will execute on the compromised computer.

Mal/Qbot-B

Mal/Qbot-B is a virus that may pose a threat to computers, which can lead to intrusions, disruptions and damage to the system. The name is a general detection that identifies malicious files having these characteristics, in order to warn computer users and prevent execution. Once this virus executes on the system, it may communicate with a remote server to download other malware that it will execute on the compromised PC.

W32.Virut.CF

W32.Virut.CF is a virus that can hide itself from antivirus program detection and evade the scanning process by using Entry Point Obfuscation (EPO). W32.Virut.CF modifies the Windows registry to add itself to the start-up items. Another function of this virus is to look for and infect executable files with extensions such as .exe and .scr. It also injects an iframe into the body of web-related files such as .html, .php and .asp to further harm the computer and redirect the homepage to unwanted websites.

Suspicious.MH690

Suspicious.MH690 detection

Suspicious.MH690 is a detection process for new malware threats that does not use your antivirus program’s usual signatures. The method’s unique objective is to identify harmful software that attempts to conceal itself from security programs by a mutation technique. Encryption of Suspicious.MH690 is intentional, with developers hoping to complicate threat analysis. Target computer’s antivirus application will be with the applied method.

W32.Azero.A

W32.Azero.A detection

W32.Azero.A is a computer virus that infects executable files in a specific folder of the compromised system. This virus may also end the running process that belongs to Windows Task Manager. The presence of this virus can hamper the operation of the computer. It may also cause permanent damage to infected files, which could lead to system malfunction. The virus affects how the user browses files because of the changes it makes to Windows Explorer settings. One obvious symptom is inaccessible file and folder options.

W32.Proyo

W32.Proyo infects .exe and .scr files on all fixed and remote drives. When an infected file is executed, it copies itself to the same folder but with a .dmj extension. W32.Proyo can lower security settings on the compromised system by ending security-related processes. This virus looks for .exe and .scr files and embeds viral code in them, which may result in an increase in size of about 45,056 bytes.

Flu Burung Virus

Flu Burung is a virus that can infect Microsoft Word .doc files by duplicating the infected file with an executable .scr extension. The original version is hidden, so only the executable copy is visible to the user. Flu Burung Virus will also replace the Internet Explorer title to show its presence and block access to security web sites.

VBS.Mondezimia

VBS.Mondezimia is a VBS, html, htm, and htt file infector that repeatedly infects all html files it can find on the infected computer. This virus arrives on the system through an infected .html page of a contracted web site. This threat is capable of making changes to the Windows registry in order to run itself when Windows starts. This virus may append Visual Basic script to the end of an .html file, which increases its size by 35,581 bytes.