Sunday, November 21, 2010

TR/Spy.176128.227

 General Methods of propagation:
• Autorun feature
• Messenger

Aliases:
•  Kaspersky: P2P-Worm.Win32.Palevo.atln
•  TrendMicro: WORM_PALEVO.OSZ
•  F-Secure: Worm.P2P.Palevo.GO
•  Bitdefender: Worm.P2P.Palevo.GO
•  Panda: W32/P2Pworm.OY
•  VirusBuster: Worm.P2P.Palevo.VHR
•  Eset: Win32/Peerfrag.FL
•  GData: Worm.P2P.Palevo.GO
•  DrWeb: Win32.HLLW.Lime.18

Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows Server 2008
• Windows 7

Side effects:
• Third party control
• Drops files

Description inserted by Irina Diaconescu on Friday, November 5, 2010
Description updated by Andrei Ivanes on Tuesday, November 9, 2010


TR/Spy.ZBot.agip

 General Method of propagation:
• Autorun feature

Aliases:
•  Sophos: Mal/Generic-A
•  Bitdefender: Trojan.Generic.3314992
•  Panda: Trj/Krapack.gen
•  Eset: Win32/Spy.Zbot.UN

Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003

Side effects:
• Downloads a malicious file
• Drops malicious files
• Registry modification

Description inserted by Petre Galan on Thursday, October 14, 2010
Description updated by Petre Galan on Thursday, October 14, 2010


TR/Kazy.7

MD5 checksum: 7EBEEBE7FD388057629D5230D8A55841

TR/Spy.ZBot.boyy.34

 General Method of propagation:
• Autorun feature

Aliases:
•  Bitdefender: Trojan.Spy.Zbot.EOA
•  Panda: Trj/Sinowal.XFF
•  Eset: Win32/Spy.Zbot.JF

Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003

Side effects:
• Downloads a malicious file
• Drops malicious files
• Registry modification

Description inserted by Petre Galan on Thursday, October 14, 2010
Description updated by Andrei Ivanes on Friday, October 15, 2010


Saturday, November 20, 2010

TR/Code.lkx.12

 General Method of propagation:
• No own spreading routine

Alias:
•  F-Secure: Trojan-Downloader.Win32.CodecPack.okh

Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows Server 2008
• Windows 7

Side effects:
• Lowers security settings

Description inserted by Florian Burlefinger on Thursday, November 18, 2010
Description updated by Florian Burlefinger on Thursday, November 18, 2010


JS/Pidief.21793

MD5 checksum: abc9839239af0146d641583aabbe99c1

TR/Obfuscated.IX.665

Reported Infections: Low to medium

Friday, November 19, 2010

TR/Viking.B

 General Method of propagation:
• Autorun feature

Aliases:
•  Sophos: Mal/Taterf-B
•  Bitdefender: Trojan.Onlinegames.995
•  Panda: W32/Lineage.LJI
•  Eset: Win32/PSW.OnLineGames.OUM

Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003

Side effects:
• Lowers security settings
• Downloads a malicious file
• Drops malicious files
• Registry modification

Description inserted by Petre Galan on Wednesday, November 17, 2010
Description updated by Petre Galan on Wednesday, November 17, 2010


TR/Scar.ceop

 General Method of propagation:
• Autorun feature

Aliases:
•  Bitdefender: Trojan.Generic.3910668
•  Panda: W32/P2Pworm.HK
•  Eset: Win32/AutoRun.IRCBot.FC

Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003

Side effects:
• Third party control
• Lowers security settings
• Drops malicious files
• Registry modification

Description inserted by Petre Galan on Thursday, October 21, 2010
Description updated by Petre Galan on Thursday, October 21, 2010


JS/iFrame.3184

 General Method of propagation:
• No own spreading routine

Alias:
•  GData: HTML/Iframe-inf

Platforms / OS:
• Windows 98
• Windows ME
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows Server 2008
• Windows 7

Side effects:
• Redirects to an infected website

Description inserted by Carlos Valero Llabata on Thursday, November 18, 2010
Description updated by Carlos Valero Llabata on Thursday, November 18, 2010


TR/Palevo.acd

Reported Infections: Low to medium

TR/PCK.Katusha.O.3324

Reported Infections: Low to medium

Thursday, November 18, 2010

Avira research shows computer users leave room for blackmail

Not having a backup makes users vulnerable to blackmail, but most of them are prepared for a loss of data.

Tettnang, 13 July 2010 – IT security expert Avira asked 2,917 participants of its May survey on www.free-av.com if they would have to pay a ransom in case of a loss or kidnapping of their data. The survey results bring to light that quite a few users aren’t very concerned and would easily fall victim to blackmail. However, most of the respondents did not have to worry about extortion because they regularly backed up their data.

Around 16 percent of the surfers (496) admitted they save photos, data and personal files on their PCs but do not create regular backups. If a data disaster or outbreak of a blackmail Trojan were to happen, all personal information, photos and addresses would be at risk. A ransom Trojan and a possible loss of files would catch them unprepared and cause them serious damage. Hence they confess they would be ready to pay a high amount to reclaim possession of the data. The survey also showed an alarming figure of 8 percent (233) that already fell victim to this type of data theft and had to pay a ransom.

Blackmail Trojans sneak just as easily onto PCs as any other malware. Avira strongly recommends that if you are attacked and blackmailed to pay for your data, you should not do it under any circumstances. Usually the victim is directed to a website where credit card information is collected. This site is used only to gather credit card data and to cause further financial damage to the victims by selling this data to third parties.

Furthermore, the victims should report the blackmail to the police and take general precautions, such as performing regular backups on an external hard drive and using a complete antivirus solution to detect and eliminate Trojans. Such a comprehensive solution is Avira Premium Security Suite, with the integrated Backup System.

Unlike those unprepared for data loss, a third of the respondents (968) take great care of their files. They act very prudently and save their data regularly. 25 percent (739) use their computers just for surfing and do not keep important files on them – an attempt to blackmail would not affect them at all. Furthermore, 18 percent (518) of the surfers said they could survive data loss since they don’t store personal data on their PCs.

The best insurance against data loss is an effective IT security solution combined with regular backups. Avira provides free basic protection with Avira AntiVir Personal – Free Antivirus. More extensive protection comes from Avira AntiVir Premium, which uses the WebGuard and MailGuard to filter out malware before it lands in the Web browser, which prevents it from reaching your computer. The license for one year costs $25.93.

The answer for all-round protection is Avira Premium Security Suite, as it supplements the features of Avira AntiVir Premium with a firewall to protect you against Internet attacks, a parental control feature, and a backup function. The solution is available for $51.93.

Avira survey 2010 Data Loss


Building the future: Avira goes ahead with second construction stage

Avira steps up expansion of corporate headquarters in Tettnang

November 10, 2010. Tettnang, Germany – Almost a year after the official construction kick-off of the company's new corporate headquarters, the second and final construction stage of the building with a total floor space of 13,600 square meters has begun. The building extension adds a total surface area of 4,400 square meters and should be finished and ready for move-in early 2012. Besides space for 140 additional workstations, the first floor of this new building will contain the company cafeteria. Also, the underground parking garage will be extended, offering an additional 32 parking spaces. The building extension will cost almost 8 million Euros.

Due to Avira's dynamic development both in international and domestic markets, the second construction phase was started earlier than scheduled. "Originally, we intended to start building the third wing of our corporate headquarters in 2015. But now it looks like we may not be able to wait any longer: We are moving into the building at the end of March 2011, almost completely filling the first section of the building. To facilitate further growth, we have now started the second construction stage," explained Tjark Auerbach, founder and CEO of Avira GmbH.

Avira’s corporate headquarters at a glance:

• Total size: 13,600 square meters
• Workforce in Tettnang (status 11/2010): 285
• Financing: Own resources as well as loans from the KfW bank group
• Expected move-in date:
  • 1st construction stage: scheduled for March 2011
  • 2nd construction stage: scheduled for early 2012


Avira Survey Shows 50 Percent of People Are Concerned About Banking Online

One out of every three users have chosen not to access financial accounts online

Tettnang, November 11, 2010 – IT security expert Avira conducted a survey of computer users worldwide in September which showed that almost 50 percent of respondents admit to being wary of online banking, while one in five users feel secure while banking online. One out of every three users have chosen not to access financial accounts online.

In the survey, which was posed to Avira’s 100 million customers worldwide, a random sampling of users responded to the online survey asking if they trust online banking or if they have concerns about security while accessing information online. There were 3,127 responses which broke down in the following manner:

• 20.5% - Of course, I feel secure.
• 48.5% - I do online banking, but I am concerned about the increase of Internet crime.
• 31% - I never do online banking, due to security concerns and instead go in person to the bank.

“It’s a good sign to learn that almost half of the people we polled at least had some concerns with banking online and eye opening that almost one out of three just didn’t practice online banking in any form whatsoever,” said Sorin Mustaca, data security expert of Avira GmbH. “This proves that financial institutions have a long way to go before they persuade most of their customers to trust doing business online. The reason for this lack of trust comes from the fact that almost all banks have been targets of phishing attacks and other security threats. In addition, the software security industry has to do more in this area to ensure safety online. We must give to all Internet users the freedom to do whatever they want to do without fear.”

Mustaca says that online freedom should come through education and by using reliable security products. He offers some basic tips to stay safe while online:

• Always take great care when opening attachments in emails
• Do not visit sites which you don’t know or have a bad reputation
• Don’t install programs coming from unknown sources
• Never, ever give your financial details as a response to any email
• Be sure to install an antivirus solution and make sure it is updated regularly
• Make sure your computer’s operating system is regularly updated

Results Avira question of the month



Avira survey shows 1 in 3 people think all websites pose security threat

Tettnang, 31 August 2010 – IT security expert Avira conducted a survey of computer users worldwide in July which shows that more than 1 in 3 people admit that "when it comes to security, all websites are equally dangerous, all over the Internet."

In the survey, which was posed to Avira’s 100 million customers worldwide, a random sampling of users were asked “Where do you suspect is the greatest danger of malware infection on the Internet?” There were 3,325 responses which broke down in the following manner:

• 12.59% - Browser games (Poker, etc.) are really popular – the danger here is very high
• 22% - Visitors are exposed to such dangers especially on websites with pornographic content
• 26.69% - So-called Warez sites, which offer illegal software, are extremely dangerous
• 4.14% - Big portals are particularly vulnerable, due to their popularity
• 34.5% - When it comes to security, all websites are equally dangerous, all over the Internet

“On one hand, it’s encouraging to see that over 33 percent of our user base has learned that security threats can come from any website, but it’s also a statement on our society at large when 1 out of every 3 people can’t trust any of the websites they visit,” said Sorin Mustaca, data security expert of Avira GmbH. “Our survey shows that consumers are becoming increasingly aware of the dangers they can be exposed to while browsing, and we at Avira are very happy to be able to help our users to stay safe while surfing the Internet.”

Avira survey chart - Web Safety


Sunday, November 14, 2010

TR/Swisyn.ahql

Reported Infections: Low to medium

Saturday, November 13, 2010

WORM/IrcBot.77824.2

 General Methods of propagation:
• Local network
• Messenger

Aliases:
•  Kaspersky: Net-Worm.Win32.Kolab.kzg
•  TrendMicro: WORM_KOLAB.LMW
•  F-Secure: Net-Worm.Win32.Kolab.kzg
•  Bitdefender: Backdoor.IRCBot.ADAF
•  Panda: W32/P2PWorm.NW
•  VirusBuster: Worm.Kolab.DYU
•  GData: Backdoor.IRCBot.ADAF
•  DrWeb: Trojan.AVKill.2278

Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows Server 2008
• Windows 7

Side effects:
• Lowers security settings
• Downloads malicious files
• Registry modification

Description inserted by Irina Diaconescu on Thursday, November 4, 2010
Description updated by Andrei Ivanes on Tuesday, November 9, 2010


W32/Sality.ac

 General Method of propagation:
• Infects files

Aliases:
•  Symantec: W32.Sality.AM
•  Kaspersky: Virus.Win32.Sality.af
•  Bitdefender: Win32.Sality.OX2
•  Microsoft: Win32/Sality.AM
•  Eset: Win32/Sality.AF

Platforms / OS:
• Windows 95
• Windows 98
• Windows 98 SE
• Windows NT
• Windows ME
• Windows 2000
• Windows XP
• Windows 2003

Side effects:
• Blocks access to certain websites
• Blocks access to security websites
• Disables security applications
• Infects files

Description inserted by Razvan Olteanu on Thursday, November 4, 2010
Description updated by Razvan Olteanu on Friday, November 5, 2010
