Security Hero Rotating Header Image

Botnet

4334

4334

IRC/SdBot, JS/Exploit.Pdfka.NLC, Win32/AutoRun.ABH, Win32/AutoRun.FakeAlert.AF (2), Win32/AutoRun.FakeAlert.CV (2), Win32/AutoRun.FlyStudio.PJ, Win32/Flyagent.NBT, Win32/FlyStudio.NRL (2), Win32/Httpbot.XS, Win32/IRCBot.AMQ (2), Win32/KillAV.NEQ (2), Win32/KillAV.NER, Win32/Kryptik.AEP, Win32/PcClient (2), Win32/PSW.Consgra.A (2), Win32/SpamTool.Tedroo.AB (2), Win32/Spy.Banbra.NPZ, Win32/Spy.Banker.RMQ, Win32/Spy.Banker.SAA, Win32/Spy.Banker.SAD, Win32/Spy.Zbot.JF (3), Win32/TrojanClicker.Agent.NGR

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6367&Itemid=26

4273

4273

INF/Autorun, Win32/AdClicker.NAF (2), Win32/Agent.PWO, Win32/AutoRun.FakeAlert.AF, Win32/Flyagent.NBP, Win32/Flyagent.NBQ, Win32/Injector.TU, Win32/Peerfrag.CP, Win32/Protector.C, Win32/PSW.Delf.NQU (2), Win32/Spy.Banbra.NSA (2), Win32/Spy.Banbra.NSB (2), Win32/Spy.Banbra.NSC (2), Win32/Spy.Banbra.NSD (2), Win32/Spy.Banbra.NSE (2), Win32/Spy.Banker.OXC, Win32/Spy.Banker.PBI (3), Win32/Spy.Delf.NWK (2), Win32/Spy.Zbot.JF (4), Win32/Spy.Zbot.TK, Win32/Spy.Zbot.TL, Win32/TrojanDownloader.FakeAlert.AEL, Win32/TrojanDropper.Agent.OFY (2), Win32/VB.OJJ (2)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6292&Itemid=26

Adobe Reader / Acrobat and Flash Remote Code Execution

Adobe Reader / Acrobat and Flash Remote Code Execution

Summary:

Fortinet’s FortiGuard Global Security Research Team investigates a vulnerability in multiple Adobe products through SWF.

Impact:

Remote Code Execution.

Affected Software:

  • Adobe Reader and Acrobat 9.1.2 and earlier 9.x versions
  • Adobe Flash Player 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions

Solutions:

  • The FortiGuard Global Security Research Team released a signature “Adobe.Products.SWF.Remote.Code.Execution”, which covers this specific vulnerability.
  • Apply the suggested workaround from Adobe

The FortiGuard Global Security Research Team continues to monitor attacks against this vulnerability.

Fortinet customers who subscribe to Fortinetˇ¦s intrusion prevention (IPS) service should be protected against this remote code execution vulnerability. Fortinetˇ¦s IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by the FortiGuard Global Security Research Team, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat’s lifecycle.

References:

URL: http://www.fortiguardcenter.com/advisory/FGA-2009-29.html

Its summer…Do you know what your kids are doing?, (Fri, May 29th)

Its summer…Do you know what your kids are doing?, (Fri, May 29th)

School is over or about to be over for many kids. With that comes many families whose parents work and kids will be left at home to relax and enjoy their summer vacation. This means alot of free time and an internet out there just waiting to be explored. Everyone is aware of the need to keep your kids safe while on the internet. But in some cases, there is a need to keep the internet and others safe from your kids. Let me explain that last comment. Kids with too much time on their hands get into trouble. You hear about it all the time on the news with kids getting into trouble with things such as vandalism, stealing,etc. What about kids getting into trouble on the internet?
Do a google search on the phrase teenage hacker and see what comes up. Kids are curious and learn fast. The internet can become a playground for them to explore and test out cool new programs and tools they find on the internet or write themselves. Chat rooms are available where kids can learn many things from others and want to try them for themselves. They can also get pulled into the wrong crowd on the internet and get in way over their heads fast. They may not even see anything wrong with it, its just computers after all.
Most of the filtering technology today focuses on web traffic. What are your kids looking at on the web. That is a good thing, but there are many other ports and protocols available and nothing watching them. Would you know if your child was running a botnet? Stealing credit card numbers? Hacking into websites? Its not a game and there are real consequences to it, even sometimes when the intent may have been to do good.Here are some recent examples:
Nineteen-year-old Dmitriy Guzner from New Jersey was part of an underground hacking group named ‘Anonymous’ that targeted the church with several attacks. He could face ten years in prison on computer hacking charges and is due to be sentenced on August 24. http://www.securecomputing.net.au/News/144850,teenage-hacker-pleads-guilty-to-church-of-scientology-cyber-attacks.aspx

Twitter has announced a review into four worm attacks on the site as a teenage hacker admits he could be jailed for his role in the stunt. http://news.sky.com/skynews/Home/Technology/Twitter-Worm-Attack-Biz-Stone-Announces-Review-As-Teenage-Hacker-Michael-Mooney-Speaks-Out/Article/200904215261579
A teenage hacker whose campaign to expose holes in Internet security sparked an FBI investigation was being sentenced in court today. http://www.independent.co.uk/news/business/news/teenage-hacker-to-be-sentenced-for-internet-crusade-676871.html

As parents, we need to also talk to our kids about the other dangers that are on the internet. Dangers such as hacking, virus making, botnet creation, stealing, etc. You may think your child is doing nothing but sitting on a computer playing. But keep in mind that computer on the internet is a portal to a whole nother world.

URL: http://isc.sans.org/diary.php?storyid=6490&rss

President Obama address nation on cyber security

President Obama address nation on cyber security

Within the past hour, President Obama addressed the nation from the White House to emphasize the importance of cyber security, to announce the release of the administration’s report of its 60-day cyberspace policy review, and to announce the creation of a new White House position, the Coordinator of National Cyber Security.

This represents an enormous step forward in national awareness of the role cyber security in general and malware in particular play in our economy and our physical security. Having the "leader of the free world" describe the threat of botnets and spyware on national television will expand press and citizen interest in this issue.

As important as the threats, though, are the freedoms that the President discussed. He emphasized the importance of preserving both personal privacy and net neutrality while securing our infrastructure. He also pointed out that this will require a collaborative effort amongst individuals, schools, corporations, and governments from the local level through the national level, not just in the U.S., but internationally, as well.

The attention is an important start, but of course execution is the key. Melissa Hathaway, Cybersecurity Chief at the National Security Council, posted some information about the policy review she led, as well as links to the report (PDF) and to the papers that informed the report. Based on a preview of the report that Melissa Hathaway delivered at the Kennedy School last night, I expect the administration is moving in the right direction. I look forward to reading the report, and I encourage others to do so, as well. Meanwhile, it’s up to all of us to work together to build a safer Internet. StopBadware looks forward to playing a role in bringing together the people, the organizations, and the data that make this possible.

URL: http://blog.stopbadware.org/2009/05/29/president-obama-address-nation-on-cyber-security

4116

4116

BAT/Qhost.NBP (2), INF/Autorun (3), PDF/Exploit.Pidief.ONM, PDF/Exploit.Pidief.ONN (2), PDF/Exploit.Pidief.ONO, PDF/Exploit.Pidief.ONP (2), Win32/Adware.BHO.NCX, Win32/Adware.Coolezweb (4), Win32/Adware.InternetAntivirus, Win32/Adware.PersonalAntivirus, Win32/Adware.SpywareRemover, Win32/Adware.SystemSecurity (18), Win32/Agent.PMR (2), Win32/Agent.WPI, Win32/AntiAV.AZQ, Win32/AntiAV.NAO (2), Win32/AutoRun.ABH, Win32/AutoRun.ADR (2), Win32/AutoRun.FakeAlert.BR, Win32/AutoRun.FakeAlert.M, Win32/AutoRun.VB.CN (2), Win32/Bagle.RG, Win32/Delf.NSQ (3), Win32/Dialer.NHQ (3), Win32/Dialer.NHR (3), Win32/FlyStudio.NMJ, Win32/FlyStudio.NMK, Win32/Hupigon.NPD, Win32/Injector.PK, Win32/IRCBot.ADZ, Win32/Koobface.NBG (2), Win32/Koutodoor.AB, Win32/Koutodoor.AD, Win32/Koutodoor.AE (4), Win32/Koutodoor.G, Win32/Kryptik.QY, Win32/Olmarik.GW (2), Win32/Olmarik.HG (4), Win32/Olmarik.IB, Win32/Peerfrag.BA, Win32/Peerfrag.BG, Win32/Peerfrag.BH, Win32/Popwin.NBJ (2), Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NMY, Win32/PSW.OnLineGames.OKC, Win32/PSW.Small.NBE (4), Win32/Qhost, Win32/Qhost.NIJ (2), Win32/Rootkit.Agent.KZU, Win32/Rootkit.Ressdt.NBS, Win32/Spy.Banker.QRW (2), Win32/Spy.Banker.QYO (3), Win32/Spy.Banker.QZB (2), Win32/Spy.Banker.QZC (2), Win32/Spy.Goldun.NFA, Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.PG (2), Win32/Spy.Zbot.RD, Win32/Spy.Zbot.RN, Win32/Tifaut.C (4), Win32/TrojanDownloader.Agent.PCZ, Win32/TrojanDownloader.Agent.PDA, Win32/TrojanDownloader.Agent.PDB, Win32/TrojanDownloader.Agent.PDC, Win32/TrojanDownloader.Agent.PDD, Win32/TrojanDownloader.Bagle.NBJ, Win32/TrojanDownloader.Bredolab.AB, Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDownloader.FakeAlert.ABV, Win32/TrojanDownloader.Small.OPS (2), Win32/TrojanDownloader.Zlob.CZK, Win32/VB.NHD, Win32/VB.OEY (2), Win32/Wigon.KX

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6085&Itemid=26

Microsoft DirectShow Remote Code Execution Vulnerability

Microsoft DirectShow Remote Code Execution Vulnerability

Summary:

Fortinet’s FortiGuard Global Security Research Team investigates a vulnerability in Microsoft DirectX (DirectShow) through a specially crafted QuickTime media file.

Impact:

Remote Code Execution.

Affected Software:

  • DirectX 7.0 on Microsoft Windows 2000 Service Pack 4
  • DirectX 8.1 on Microsoft Windows 2000 Service Pack 4
  • DirectX 9.0 on Microsoft Windows 2000 Service Pack 4
  • DirectX 9.0 on Windows XP Service Pack 2 and Windows XP Service Pack 3
  • DirectX 9.0 on Windows XP Professional x64 Edition Service Pack 2
  • DirectX 9.0 on Windows Server 2003 Service Pack 2
  • DirectX 9.0 on Windows Server 2003 x64 Edition Service Pack 2
  • DirectX 9.0 on Windows Server 2003 with SP2 for Itanium-based Systems

Solutions:

  • The FortiGuard Global Security Research Team released a signature “MS.DirectShow.NULL.Byte.Overwrite”, which covers this specific vulnerability.

The FortiGuard Global Security Research Team continues to monitor attacks against this vulnerability.

Fortinet customers who subscribe to Fortinetˇ¦s intrusion prevention (IPS) service should be protected against this remote code execution vulnerability. Fortinetˇ¦s IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by the FortiGuard Global Security Research Team, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat’s lifecycle.

References:

URL: http://www.fortiguardcenter.com/advisory/FGA-2009-20.html

Time Warner spins off AOL

Time Warner spins off AOL

TIME-WARNER is divorcing AOL and chucking it out into the cold and the snow. Before the separation can take place, Time Warner will buy the five per cent of AOL owned by Google so that it will have 100 per cent control.

Google is likely to want that because it has no interest in AOL these days. In a press release Time Warner CEO Jeff Bewkes said a separation will be the best outcome for both Time Warner and AOL.

It will be another critical step in the reshaping of Time Warner that was started at the beginning of last year, enabling both outfits to focus to an even greater degree on their core content businesses. This is management speak for we don’t want it and we don’t know why we ever bought it.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31498

Advanced Two-Way Firewall for Mac OS X unveiled

Advanced Two-Way Firewall for Mac OS X unveiled

ProteMac has announced ProteMac NetMine 1.2, their network firewall for Mac OS X. ProteMac NetMine intercepts all network activity traveling from and to your Mac and from every an application of your Mac. NetMine firewall can prevent all unwanted outside and inside traffic from reaching protected machines.

Firewall can restrict or prevent outright the spread of networked computer worms, trojans, viruses and malware. NetMine firewall is a new breed of information security technology designed to protect Mac OS X computers from attack from outside network and from software on your computer.

The two-way firewall stops inappropriate or malicious access to your computer from both internal and external network sources. As a frontline defense, it prevents malware from spreading, providing protection against hackers, loss of personal data, unknown malware, and unauthorized program activity.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31491

4114

4114

IRC/SdBot, Win32/Adware.Coolezweb (5), Win32/Adware.InternetAntivirus, Win32/Agent.WPI, Win32/AutoRun.Autoit.P, Win32/AutoRun.Delf.CB (2), Win32/AutoRun.IRCBot.AM (2), Win32/BHO.NLG, Win32/Kryptik.QW, Win32/Olmarik.HG (4), Win32/PSW.YahooPass.AF, Win32/Spy.Webmoner.NBN, Win32/Spy.Zbot.CK, Win32/TrojanClicker.Delf.NBA, Win32/TrojanClicker.Delf.NDS, Win32/TrojanClicker.Delf.NFC, Win32/TrojanDownloader.Adload.FIB (2)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6083&Itemid=26

4113

4113

BAT/Agent.NBW, PDF/Exploit.Pidief.ONK, Win32/Adware.Antivirus2008 (2), Win32/Adware.Coolezweb (2), Win32/Adware.InternetAntivirus (5), Win32/Adware.SystemSecurity (4), Win32/Agent.NXT, Win32/Agent.PHC, Win32/Agent.PKT (2), Win32/Agent.WPI (4), Win32/AutoRun.Agent.OG, Win32/AutoRun.Agent.OH, Win32/AutoRun.Agent.OI, Win32/AutoRun.FakeAlert.AF (3), Win32/AutoRun.KS, Win32/AutoRun.VB.DQ, Win32/Boberog.AC, Win32/Dialer.NHP (2), Win32/Hupigon.NPB, Win32/Hupigon.NPC, Win32/Injector.PH, Win32/Injector.PI, Win32/IRCBot.ADZ (2), Win32/KeyLogger.BitLogic, Win32/NetPass (2), Win32/Obfuscated.NCY, Win32/Olmarik.HG (4), Win32/Poebot, Win32/Prosti.NCL (2), Win32/PSW.LdPinch.NJG, Win32/PSW.WOW.NKO (2), Win32/PSW.YahooPass.NAD (2), Win32/PSWTool.IEPassView.NAD, Win32/PSWTool.MailPassView.150, Win32/PSWTool.PassFox.111 (2), Win32/Rustock.NIH, Win32/Rustock.NIK, Win32/Sohanad.BM, Win32/Sohanad.NEJ, Win32/Spy.Banker.QZA, Win32/Spy.KeyLogger.NEC (2), Win32/Spy.Zbot.CK, Win32/Spy.Zbot.JF, Win32/Spy.Zbot.RL, Win32/Spy.Zbot.RM, Win32/StartPage.BR, Win32/StartPage.NKJ (3), Win32/TrojanClicker.Agent.NGT (2), Win32/TrojanClicker.VB.NHG (2), Win32/TrojanClicker.VB.NHH, Win32/TrojanDownloader.Agent.PAQ (2), Win32/TrojanDownloader.Agent.PCY, Win32/TrojanDownloader.Bredolab.AB (2), Win32/TrojanDownloader.FakeAlert.UX, Win32/TrojanDownloader.Small.NTQ (3), Win32/TrojanDownloader.Small.OCS (2), Win32/TrojanDownloader.Small.OOT, Win32/TrojanDownloader.Small.OPP, Win32/TrojanDownloader.Small.OPR, Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDropper.VB.NHW, Win32/TrojanProxy.Wintu.B

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6082&Itemid=26

4111

4111

INF/Autorun, Win32/Adware.Coolezweb, Win32/Adware.SuperJuan.D, Win32/Adware.Virtumonde.NEX, Win32/Adware.Virtumonde.NFI, Win32/Adware.Virtumonde.NFJ, Win32/Adware.XPGuard, Win32/Agent.PFE, Win32/Agent.PKT, Win32/Agent.PMJ, Win32/AutoRun.IRCBot.AL (2), Win32/BHO.NOR, Win32/Buzus.ASBH, Win32/Delf.IIC, Win32/Delf.ODS (2), Win32/Delf.OJC (2), Win32/Hatob.E, Win32/Injector.MI, Win32/Injector.MW, Win32/Injector.NF, Win32/Injector.OY, Win32/Injector.PD, Win32/Injector.PE, Win32/Injector.PF, Win32/Joleee.NG, Win32/KeyLogger.Ardamax.NAR, Win32/Koobface.NBG, Win32/Koutodoor.AB, Win32/Koutodoor.AC (2), Win32/Koutodoor.G, Win32/Koutodoor.V (2), Win32/Kryptik.LM, Win32/Kryptik.MC, Win32/Kryptik.MV, Win32/Kryptik.PN, Win32/Kryptik.PP, Win32/Kryptik.PT, Win32/Kryptik.QA, Win32/Kryptik.QE, Win32/Kryptik.QJ, Win32/Kryptik.QQ, Win32/Kryptik.QT, Win32/Kryptik.QU, Win32/PcClient.NDP, Win32/PcClient.NDV, Win32/Proxec.C, Win32/ShipUp.NAI, Win32/Small.YBE, Win32/SpamTool.Agent.NCL (3), Win32/Spy.Agent.NKZ, Win32/Spy.Agent.NMB, Win32/Spy.Bankpatch.BE, Win32/Spy.Zbot.AD (2), Win32/Spy.Zbot.JF (2), Win32/Spy.Zbot.RK, Win32/Tinxy.AD, Win32/TrojanClicker.Delf.BLW, Win32/TrojanDownloader.Agent.BICX, Win32/TrojanDownloader.Agent.PAC, Win32/TrojanDownloader.Banload.OOT, Win32/Votwup.A

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6080&Itemid=26

4110

4110

BAT/TrojanDownloader.Ftp.NDM, BAT/TrojanDownloader.Ftp.NDN, IRC/SdBot (2), PDF/Exploit.Pidief.ONF, Win32/Adware.AntiVirus1, Win32/Adware.Antivirus2008, Win32/Adware.AntivirusPlus (2), Win32/Adware.BHO.NCX, Win32/Adware.MySideSearch, Win32/Adware.NaviPromo (2), Win32/Adware.PersonalAntivirus (2), Win32/Adware.PrivacyComponents, Win32/Adware.UltraAntivirus2009 (3), Win32/Adware.Virtumonde (2), Win32/Adware.WinPCDefender, Win32/Agent.DKR (2), Win32/Agent.PGA, Win32/Agent.PKT, Win32/Agent.PMI (3), Win32/AntiAVNAK (2), Win32/Autoit.FV (2), Win32/AutoRun.FlyStudio.KC, Win32/AutoRun.IRCBot.AK, Win32/AutoRun.KS, Win32/AutoRun.VB.CX (2), Win32/AutoRun.VB.DP (2), Win32/Bagle.RD, Win32/BHO.NOR, Win32/Delf.ODU, Win32/Delf.OJB, Win32/Dialer.NAD, Win32/Hupigon.NOU, Win32/KillAV.NDT (4), Win32/KillProc.NAF, Win32/Kryptik.QR, Win32/Kryptik.QS, Win32/Mebroot.BL, Win32/Mebroot.BM (2), Win32/Mebroot.BN (2), Win32/Olmarik.GW, Win32/Olmarik.HG (2), Win32/Olmarik.HX (2), Win32/Olmarik.HY (2), Win32/Olmarik.HZ (2), Win32/OlmarikIA (2), Win32/Patched.AW, Win32/PcClient.NDW, Win32/Peerfrag.BD, Win32/Peerfrag.BE, Win32/PSW.Agent.NJL, Win32/PSW.OnLineGames.NMP (7), Win32/PSW.OnLineGames.NMY (11), Win32/PSW.OnLineGames.NNU (4), Win32/PSW.OnLineGames.ODJ (2), Win32/PSW.OnLineGames.OKC, Win32/PSW.OnLineGames.OKD, Win32/PSW.OnLineGames.XTT, Win32/Rootkit.Agent.NLY (2), Win32/Rustock.NIL (2), Win32/SpamTool.Agent.NCL, Win32/Spy.Banker.QYV (2), Win32/Spy.Banker.QYW (2), Win32/Spy.Banker.QYX (2), Win32/Spy.Zbot.JF (2), Win32/Spy.Zbot.RK, Win32/TrojanClicker.Delf.NHF, Win32/TrojanDownloader.Agent.OXA, Win32/TrojanDownloader.Agent.PCX, Win32/TrojanDownloader.Delf.ORH, Win32/TrojanDownloader.FakeAlert.AAX, Win32/TrojanDownloader.FakeAlert.ACE, Win32/TrojanDownloader.FakeAlert.ACT, Win32/TrojanDownloader.Small.OCS, Win32/TrojanDownloader.VB.NXX (2), Win32/TrojanDownloader.Zlob.CUG, Win32/TrojanDownloader.Zlob.CZW (2), Win32/TrojanDropper.Mudrop.NAM, Win32/TrojanDropper.VB.NHX (3), Win32/TrojanProxy.Small.NCA, Win32/Wigon.KU (2)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6079&Itemid=26

4107

4107

BAT/Qhost.NBP (2), Win32/Adware.PersonalAntivirus (3), Win32/Adware.SystemSecurity (3), Win32/Adware.SystemSecurity.AA, Win32/Adware.WinPCDefender (6), Win32/Agent.CCWW, Win32/Agent.NYJ (2), Win32/Agent.PMD, Win32/AutoRun.ABH (4), Win32/AutoRun.FakeAlert.AF, Win32/AutoRun.FlyStudio.KA, Win32/Delf.NSE, Win32/Injector.PA, Win32/Koobface.NBG (2), Win32/Kryptik.QM, Win32/Qhost, Win32/Spy.Banker.QQJ (3), Win32/Spy.Webmoner.NBR (3), Win32/Spy.Zbot.JF, Win32/TrojanDownloader.Agent.OZA, Win32/TrojanDownloader.DelfOTP, Win32/TrojanDownloader.Small.NZM, Win32/TrojanDropper.Agent.OBC

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6076&Itemid=26

4106

4106

BAT/Agent.NBV (2), INF/Autorun, Win32/Adware.PersonalAntivirus, Win32/Adware.SystemSecurity, Win32/Adware.SystemSecurity.AA, Win32/Adware.WinPCDefender (2), Win32/Agent.CIHM, Win32/Agent.NYI (6), Win32/Agent.PLZ (2), Win32/Agent.PMA, Win32/Agent.PMB (3), Win32/Agent.PMC, Win32/Autoit.AG, Win32/BHO.NOR, Win32/Buzus.AZGJ, Win32/Daonol.B, Win32/Daonol.C, Win32/Delf.NFV (2), Win32/Delf.ODU, Win32/Delf.OIY, Win32/Delf.OIZ (2), Win32/FlyStudio.NMG (2), Win32/Hupigon.NOY (2), Win32/Koutodoor.AA (3), Win32/Koutodoor.G, Win32/Kryptik.QK, Win32/Kryptik.QL, Win32/Olmarik.GW (2), Win32/Olmarik.HG (4), Win32/Rootkit.Ressdt.NBO, Win32/SpamTool.Agent.NCL, Win32/Spy.Agent.NNS, Win32/Spy.Banbra.NPQ, Win32/Spy.Banker.QNJ, Win32/Spy.KeyLogger.ME (4), Win32/Spy.VB.NDV, Win32/Spy.Zbot.JF (3), Win32/Spy.Zbot.NJ, Win32/Spy.Zbot.RI, Win32/Spy.Zbot.RJ, Win32/StartPage.NJS, Win32/TrojanClicker.Delf.NDJ, Win32/TrojanClicker.Delf.NDK, Win32/TrojanClicker.Delf.NDR (3), Win32/TrojanClicker.Delf.NGK, Win32/TrojanClicker.Delf.NGM, Win32/TrojanClicker.Delf.NHF, Win32/TrojanClicker.VB.NHF, Win32/TrojanDownloader.Agent.OYF, Win32/TrojanDownloader.Delf.OIF, Win32/TrojanDropper.Agent.OBB, Win32/TrojanDropper.Mudrop.ABZ, Win32/VB.OES (3)

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6073&Itemid=26