http://www.eset.eu Thu, 17 May 2012 04:56:59 +0100 FeedCreator 1.7.2 http://www.eset.eu/buxus/generate_page.php?page_id=40401 Short description Win32/TrojanDropper.Agent.PQT is a trojan that installs Win32/Farfli.IR malware. Installation When executed, the trojan copies itself into the following location: %temp%\%variable1% The trojan creates the following files: %temp%\w7e%variable2%.tmp (41984 B) %temp%\w7e2%variable3%.tmp (99328 B, Win32\Farfli.IR) A string with variable content is ... Wed, 16 May 2012 14:19:08 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40397 Short description The trojan serves as a backdoor. It can be controlled remotely. Installation The trojan is usually a part of other malware. The trojan does not create any copies of itself. Information stealing Win32/Spy.Georbot.G is a trojan that steals sensitive information. The trojan collects the following information: login user names for certain ... Wed, 16 May 2012 09:39:15 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40390 Short description Win32/TrojanDownloader.Wauchos.A is a trojan which tries to download other malware from the Internet. Installation When executed, the trojan copies itself in some of the the following locations: %allusersprofile%\svchost.exe %allusersprofile%\Local Settings\Temp\ms%variable%.%fileextension% %userprofile%\Local Settings\Temp\ms%variable%.%fileextension% A ... Mon, 14 May 2012 12:52:31 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40382 Short description Android/TrojanSMS.Boxer is a trojan that sends SMS messages to premium rate phone numbers. Installation The trojan must be downloaded and manually installed. Other information Android/TrojanSMS.Boxer is a trojan that sends SMS messages to premium rate phone numbers. The premium rate phone number is one of the following: 39827 (South Africa) 72401 ... Fri, 11 May 2012 09:49:17 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40376 Short description The trojan serves as a backdoor. It can be controlled remotely. Installation The trojan is usually a part of other malware. The trojan does not create any copies of itself. Information stealing Win32/Spy.Georbot.H is a trojan that steals sensitive information. The trojan collects the following information: login user names for certain ... Thu, 10 May 2012 08:36:19 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40359 Short description Win32/Agent.PBI is a trojan that is spread via peer-to-peer networks. The trojan serves as a backdoor. It can be controlled remotely. Installation When executed, the trojan creates the following files: %temp%\install-201591042.exe (2689024 B) The file is then executed. The trojan may create the following files: %programfiles%\Tor\tor.exe ... Fri, 04 May 2012 08:52:00 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40352 Short description The trojan serves as a backdoor. It can be controlled remotely. Installation When executed, the trojan copies itself into the following location: %temp%\vmaspol.exe In order to be executed on every system start, the trojan sets the following Registry entry: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]RUN = ... Wed, 02 May 2012 17:12:29 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40350 Short description Win32/CoinMiner.H is a trojan that uses the hardware resources of the infected computer for mining the Bitcoin digital currency. The file is run-time compressed using RAR SFX. Installation When executed, the trojan creates the following files: %userprofile%\Start Menu\Programs\Startup\x11.exe (303599 B, Win32/CoinMiner.H) The file is then executed. ... Wed, 02 May 2012 13:45:45 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40346 Short description MSIL/Agent.BC is a worm which tries to download other malware from the Internet. It is able to spread via removable media, IM and social networks. Installation The worm does not create any copies of itself. The worm may set the following Registry entries: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]Internet = %temp%\Internet.exe ... Wed, 02 May 2012 11:49:39 +0100 http://www.eset.eu/buxus/generate_page.php?page_id=40323 Short description Win32/Qhost.PEV is a trojan that changes the home page of certain web browsers. Installation When executed, the trojan copies itself into the following location: %system%\msnmsgr.exe The trojan creates the following file: %system%\drivers\vvuacult.exe (501760 B, Win32/Qhost.PEV) The file is then executed. The trojan creates the following ... Tue, 24 Apr 2012 12:20:13 +0100