Don Davidson Computer

 


virus: 
A program that attempts to spread from computer to computer, often via e-mail, by attaching itself to a host program. It may damage hardware, software, or data. 

worm:
A stand-alone, self-replicating program that usually consumes memory, thus causing a computer to slow or stop responding. 


Fake Windows XP activation trojan.
11-20-08

Known as Kardphisher and “in the wild” since April 2007, this trojan horse mimics the Windows XP activation interface while collecting the credit card details the end user submits. Last week the malware's author made significant changes to the trojan's visual interface and usability, improving its authenticity. Guess what happens when a gullible end user falls victim to this social engineering attack?
Their credit card details automatically end up in an IRC channel set up specifically for that purpose.



Hello kitten - malware spammed out in sexy picture email
11-3-08

Do you know anyone who might call you “kitten”?

Is she in the habit of sending you sexy photos?

If you answered yes to any of the above questions, then you might be at risk of a virus infection - especially if you receive an email with the subject line “I am free… :)” looking like this:

[Image: malicious "hello kitten" email]

Whatever you do - don’t open that attachment. Even though it pretends to be a digital photograph made on a Pentax camera, it’s nothing of the sort.

The email isn’t really from an old flame, and the attached file isn’t really a sexy photo but a copy of the Troj/Agent-ICW Trojan horse.

Beware the fake Windows Security Center

Windows XP Service Pack 2 added the Windows Security Center, a central location, accessible from Control Panel, where you can view the status and make changes to security related settings. A new Trojan is out there that installs a fake Security Center interface that nags you to install "Windefender 2008." Some users would logically assume that this is a new version of Windows Defender, but it's not. The really insidious part is that the program also interferes with your Internet connection, blocking you from downloading anything else until you pay $40.00 for the fake software. Read more about this scam here:
http://www.wxpnews.com/75XE59/081021-Research-Blog



Fake MS Update notifications by email.

10-15-2008

Malicious attackers are once again taking advantage of event-based social engineering, and are currently mass mailing fake notifications for Microsoft’s Patch Tuesday. Each message carries a copy of Trojan.Backdoor.Haxdoor as an attachment, next to a legitimate-looking PGP signature which is, of course, fake too.

Furthermore, this backdoor opens several TCP ports that allow remote attackers to connect to the compromised PC and execute files, steal information from it, or upload and download files. The attachment’s file name varies, but uses the convention KBxxxxxx.exe, where xxxxxx is a random 6-digit number. Below are some of the file names we’ve seen being used:

KB199250.exe
KB246586.exe
KB535548.exe
KB572906.exe
KB763412.exe
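
A mail-filter style check for the KBxxxxxx.exe convention described above, as an added example that is not part of the original page. The function names and the sample message are constructed for illustration; the check also normalizes the trailing dots and spaces that Windows drops when a file is saved, so a name like "KB199250.exe." is still caught.

```python
import re
from email import message_from_string
from email.message import EmailMessage

# Convention from the text above: "KB", six digits, ".exe".
KB_EXE = re.compile(r"KB\d{6}\.exe", re.IGNORECASE)


def normalize(name: str) -> str:
    """Drop any path prefix plus the trailing dots/spaces Windows strips on save."""
    return name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(" .")


def flag_fake_kb_attachments(raw_message: str) -> list[str]:
    """Return normalized attachment names that follow the KBxxxxxx.exe convention."""
    hits = []
    msg = message_from_string(raw_message)
    for part in msg.walk():  # walk() also descends into nested multipart sections
        name = part.get_filename()  # Content-Disposition filename, else Content-Type name
        if name and KB_EXE.fullmatch(normalize(name)):
            hits.append(normalize(name))
    return hits


def build_sample(filename: str) -> str:
    """Constructed test message; addresses, subject and payload are placeholders."""
    m = EmailMessage()
    m["From"] = "sender@example.invalid"
    m["To"] = "user@example.invalid"
    m["Subject"] = "Security update (constructed sample)"
    m.set_content("Constructed body text.")
    m.add_attachment(b"constructed placeholder bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_string()


if __name__ == "__main__":
    for fn in ("KB199250.exe", "kb246586.EXE.", "KB12345.exe", "notes.txt"):
        print(repr(fn), "->", flag_fake_kb_attachments(build_sample(fn)))
```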


AntiVirus 2008 or 2009 - TOP Threat!
9-2008
A rogue anti-malware program that displays false virus results and requires you to purchase the software before you can remove anything. When installed, Antivirus 2008 or 2009 will scan your computer and list a variety of infections supposedly found on it. The results are fake; they are just trying to scam you into purchasing the software.
This program typically infects a computer just after the installation of a specific video codec or through an infected email link. The corrupted video codec is usually distributed together with trojans, malware and viruses. It is crucial to remove all the components of XP Antivirus and all malware and trojans, such as zlob.trojan, trojan.vundo and trojan.downloader, that may have been installed along with it.

Free tool, very effective against this threat:
Malwarebytes' Anti-Malware

Or for the geeks among us:
How to manually remove XP Antivirus:

1. Navigate to Start -> Run, type cmd in the box and click Open.
2. In the command window, type regsvr32 /u shlwapi.dll and press Enter.
3. Next, type regsvr32 /u wininet.dll and press Enter.
4. Next, press Ctrl + Shift + Esc.
5. Right-click XPAntivirus.exe in the processes window and select the option to end the process.
6. Right-click XPAntivirusUpdate.exe in the processes window and select the option to end the process.
7. Navigate to Start -> Search, then click on Files and Folders. Search for and delete the following files:
   XPAntivirus.exe
   XPAntivirusUpdate.exe
   shlwapi.dll
   wininet.dll
   XP Antivirus 2008.lnk
   Uninstall XP Antivirus 2008.lnk
   XP antivirus
   XPAntivirus.lnk
   Uninstall XPAntivirus.lnk
   XPAntivirus on the Web.lnk
   XPAntivirus.url
8. Navigate to Start -> Run, type regedit in the box and click Open.
9. Delete XP antivirus in the following path: HKEY_USERS\Software\
10. Restart your PC and everything should be back to normal.
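
The deletion list above includes shlwapi.dll and wininet.dll, names that genuine Windows libraries in the Windows system directory also carry, so a search-and-delete by name alone can hit the real ones. The following added example (not part of the original page) walks a folder tree and separates listed items that can be removed from same-named files inside the Windows directory that should be verified first. The function names, verdict labels and sample layout are constructed, and it assumes the rogue's copies sit outside the Windows directory.

```python
import os
from pathlib import Path

# Names taken from the deletion list above; matched case-insensitively.
ROGUE_ONLY = {n.lower() for n in (
    "XPAntivirus.exe", "XPAntivirusUpdate.exe", "XP Antivirus 2008.lnk",
    "Uninstall XP Antivirus 2008.lnk", "XP antivirus", "XPAntivirus.lnk",
    "Uninstall XPAntivirus.lnk", "XPAntivirus on the Web.lnk", "XPAntivirus.url")}
# Names on the list that genuine Windows libraries also carry.
SHARED_WITH_WINDOWS = {"shlwapi.dll", "wininet.dll"}


def triage(search_root, windows_dir):
    """Map each listed item found under search_root to 'remove' or 'verify-first'."""
    windows_dir = Path(windows_dir).resolve()
    verdicts = {}
    for folder, dirs, files in os.walk(search_root):
        for name in dirs + files:
            path = (Path(folder) / name).resolve()
            key = name.lower()
            if key in ROGUE_ONLY:
                verdicts[path] = "remove"
            elif key in SHARED_WITH_WINDOWS:
                # Assumption: a copy inside the Windows directory may be the real library.
                inside = windows_dir in path.parents
                verdicts[path] = "verify-first" if inside else "remove"
    return verdicts


def build_sample_tree(root):
    """Constructed layout: a stand-in Windows directory and a rogue install folder."""
    root = Path(root)
    for rel in ("WINDOWS/system32/wininet.dll", "WINDOWS/system32/shlwapi.dll",
                "Program Files/XPAntivirus/XPAntivirus.exe",
                "Program Files/XPAntivirus/shlwapi.dll", "Documents/notes.txt"):
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(b"constructed placeholder")
    return root


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        root = build_sample_tree(tmp)
        for path, verdict in sorted(triage(root, root / "WINDOWS").items()):
            print(verdict, path)
```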


Virus infects BOGUS FedEx Tracking email
 8-2008
Subject: Fedex Tracking Number 4296240370

Virus: Win32:Rootkit-gen

Message:
Unfortunately we were not able to deliver postal package you sent on August the 1st in time because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office


Is that really Barack Obama in that video?
----
As the US Presidential fight hots up, hackers have attempted to infect millions by sending an email claiming to contain a link to an incriminating video of Barack Obama. Salacious surfers and followers of hot political news may be tempted to watch the video, but risk being infected by malicious code. Watch our video to find out the truth behind this campaign.
http://www.sophos.com/blogs/gc/g/2008/09/10/barack-obama

Beware malware fallout from fake nuclear explosion emails
----
SophosLabs has intercepted a widespread malicious spam campaign that claimed there had been a powerful explosion at a nuclear power station outside London. According to the email, the government have stopped the media reporting about the incident and prevented anyone affected by it contacting the outside world. As you may have suspected, opening the email attachment is not a good idea... Learn more about this new threat now.
http://www.sophos.com/blogs/gc/g/2008/09/11/nuclear-email

No, your internet access is not being suspended
----
Emails claiming that "your internet access is going to get suspended" have been widely distributed across the net. They claim that the recipient has committed "illegal activities" such as pirating software, movies or music, but the attachment is in fact designed to infect PCs. Sophos advises on the threat, and tells users what to look out for.
http://www.sophos.com/blogs/gc/g/2008/09/12/your-internet-access
