http://www.securelist.com/en/ 11 Feb 2012 17:23:54 +0400 http://www.securelist.com/en/rss/klogo.gif http://www.securelist.com/en/ webmaster@securelist.com () This Trojan simulates an anti-virus program in order to obtain remuneration from the user for the detection and deletion of false threats. It is a Windows application (PE EXE file). It is 1 134 592... http://www.securelist.com/en/descriptions/Trojan.Win32.FakeAV.eya http://www.securelist.com/en/descriptions/Trojan.Win32.FakeAV.eya 09 Feb 2012 14:54:00 +0400 webmaster@securelist.com () The program's main window is shown below: Once launched, the Trojan performs the following actions: If it detects the following processes, it ceases running:... http://www.securelist.com/en/descriptions/Trojan.Win32.Buzus.fbcr http://www.securelist.com/en/descriptions/Trojan.Win32.Buzus.fbcr 09 Feb 2012 14:32:00 +0400 webmaster@securelist.com () This malicious program provides a malicious user with remote access to the infected computer and uses P2P network file sharing directories to distribute itself. It is a Windows application (PE EXE... http://www.securelist.com/en/descriptions/P2P-Worm.Win32.Palevo.arxz http://www.securelist.com/en/descriptions/P2P-Worm.Win32.Palevo.arxz 09 Feb 2012 14:17:00 +0400 webmaster@securelist.com () This malicious program is part of other malicious adware. It is a Windows Dynamic Link Library (PE DLL file). It is 213 111 bytes in size. It is written in C++. http://www.securelist.com/en/descriptions/not-a-virus:AdWare.Win32.FunWeb.di http://www.securelist.com/en/descriptions/not-a-virus:AdWare.Win32.FunWeb.di 08 Feb 2012 19:21:00 +0400 webmaster@securelist.com () This Trojan belongs to the family of Trojans that steals passwords from online gaming user account records. It is a Windows application (PE EXE file) and is 116 736 bytes in size. It is packed using... http://www.securelist.com/en/descriptions/Trojan-GameThief.Win32.Magania.dlip http://www.securelist.com/en/descriptions/Trojan-GameThief.Win32.Magania.dlip 08 Feb 2012 18:44:00 +0400 webmaster@securelist.com () Once launched, the backdoor establishes a connection with this server: in***aca.com A combination of the following strings is used as a login and password:... http://www.securelist.com/en/descriptions/Trojan.MSIL.Agent.azy http://www.securelist.com/en/descriptions/Trojan.MSIL.Agent.azy 08 Feb 2012 18:33:00 +0400 webmaster@securelist.com () This Trojan downloads files from the Internet without the user's knowledge. It is a Windows .NET application (PE EXE file) and is 35 328 bytes in size. http://www.securelist.com/en/descriptions/Trojan.MSIL.Agent.azx http://www.securelist.com/en/descriptions/Trojan.MSIL.Agent.azx 07 Feb 2012 17:32:00 +0400 webmaster@securelist.com () This malicious program demands a ransom in exchange for the content of an encrypted archive, which users believe contains a file that they need. It is a Windows application (PE EXE file) and is 1 191... http://www.securelist.com/en/descriptions/Hoax.Win32.ArchSMS.ong http://www.securelist.com/en/descriptions/Hoax.Win32.ArchSMS.ong 07 Feb 2012 17:23:00 +0400 webmaster@securelist.com () Once launched, the Trojan creates the following system registry key: [HKCU\Software\Stimul] Then, the Trojan displays the following window: After confirmation of "I agree with the rules",... http://www.securelist.com/en/descriptions/Hoax.Win32.ArchSMS.hewm http://www.securelist.com/en/descriptions/Hoax.Win32.ArchSMS.hewm 07 Feb 2012 17:18:00 +0400 webmaster@securelist.com () The Java class file "gamesload" includes a JAR archive and is part of a piece of malware. The following components of the Trojan are also stored in the archive: Game.class - 672... http://www.securelist.com/en/descriptions/Trojan-Downloader.Java.OpenStream.av http://www.securelist.com/en/descriptions/Trojan-Downloader.Java.OpenStream.av 06 Feb 2012 17:43:00 +0400 webmaster@securelist.com () This Trojan downloads another program to the computer and launches it for execution without the user's knowledge. It is a Windows application (PE EXE file) and is 56 320 bytes in size. It is packed... http://www.securelist.com/en/descriptions/Trojan-Downloader.Win32.Agent.fwcp http://www.securelist.com/en/descriptions/Trojan-Downloader.Win32.Agent.fwcp 06 Feb 2012 17:37:00 +0400 webmaster@securelist.com () This Trojan downloads files from the Internet and launches them without the user's knowledge. It is a Windows application (PE EXE file) and is 53 760 bytes in size. It is written in... http://www.securelist.com/en/descriptions/Trojan-Downloader.Win32.Agent.ejui http://www.securelist.com/en/descriptions/Trojan-Downloader.Win32.Agent.ejui 06 Feb 2012 17:31:00 +0400 webmaster@securelist.com () Once launched, the backdoor uses the function "GetSystemDefaultLCID" to obtain the ID for the group of national settings that the operating system uses by default. If the value obtained corresponds... http://www.securelist.com/en/descriptions/Backdoor.Win32.Agent.amps http://www.securelist.com/en/descriptions/Backdoor.Win32.Agent.amps 03 Feb 2012 19:28:00 +0400 webmaster@securelist.com () This Trojan stops the computer from functioning normally in order to obtain a ransom for restoring the system to its initial condition. It is a Windows application (PE EXE file) and is 40 448 bytes in... http://www.securelist.com/en/descriptions/Trojan-Ransom.Win32.XBlocker.bcp http://www.securelist.com/en/descriptions/Trojan-Ransom.Win32.XBlocker.bcp 03 Feb 2012 19:23:00 +0400 webmaster@securelist.com () This Trojan stops the computer from functioning in order to obtain a ransom for restoring it. It is a Windows application (PE EXE file) and is 355 328 bytes in size. It is packed using UPX. The... http://www.securelist.com/en/descriptions/Trojan-Ransom.Win32.Gimemo.ns http://www.securelist.com/en/descriptions/Trojan-Ransom.Win32.Gimemo.ns 03 Feb 2012 18:57:00 +0400 webmaster@securelist.com () This Trojan downloads other malicious programs from the Internet and launches them for execution without the user's knowledge. It is a Windows dynamic library (PE EXE file). It is 53 248 bytes in... http://www.securelist.com/en/descriptions/Trojan-Downloader.Win32.Agent.dlyf http://www.securelist.com/en/descriptions/Trojan-Downloader.Win32.Agent.dlyf 02 Feb 2012 18:01:00 +0400 webmaster@securelist.com () This Trojan delivers a malicious payload to the user's computer. It is a Windows application (PE EXE file). It is 352 256 bytes in size. It is written in Visual Basic. Installation When launching,... http://www.securelist.com/en/descriptions/Trojan.Win32.VB.aeke http://www.securelist.com/en/descriptions/Trojan.Win32.VB.aeke 02 Feb 2012 17:51:00 +0400 webmaster@securelist.com () This Trojan delivers a malicious payload to the user's computer. It is a Windows application (PE EXE file). It is 142 848 bytes in size. It is written in Delphi. http://www.securelist.com/en/descriptions/Trojan.Win32.Smardf.mlt http://www.securelist.com/en/descriptions/Trojan.Win32.Smardf.mlt 02 Feb 2012 17:10:00 +0400 webmaster@securelist.com () When the infected page is opened, Java class code starts to run, which leads to the following actions: The following file is created and launched: Ñ:\Windows\pay.reg This causes a change in... http://www.securelist.com/en/descriptions/Trojan.Java.Payphish.a http://www.securelist.com/en/descriptions/Trojan.Java.Payphish.a 01 Feb 2012 13:17:00 +0400 webmaster@securelist.com () This Trojan provides a malicious user with remote access to the infected computer. It is a Windows application (PE EXE file). It is 365 568 bytes in size. It is written in Delphi. Installation Once... http://www.securelist.com/en/descriptions/Backdoor.Win32.Delf.ugd http://www.securelist.com/en/descriptions/Backdoor.Win32.Delf.ugd 01 Feb 2012 13:03:00 +0400