Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

New trojan claims to be WGA notification

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts
View previous topic :: View next topic  
Author Message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 25 May 2013
Posts: 10271
Location: sunny California
PostPosted: Thu Jun 29, 2006 7:21 pm    Post subject: New trojan claims to be WGA notification Reply with quote
Blogged here by me:

http://blogs.zdnet.com/Spyware/?p=838

Quote:
A new piece of very nasty malware has been recently discovered on spyware help forums, first here and again here. The file name is wgavn.exe and it creates a service named "Windows Genuine Advantage Validation Notification", as seen in this line in the HijackThis log.


There's more in the link.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 25 May 2013
Posts: 10271
Location: sunny California
PostPosted: Fri Jun 30, 2006 8:13 pm    Post subject: Reply with quote
More info here:

http://www.infoworld.com/article/06/06/30/HNwormmsantipiracy_1.html

It's an AIM worm -- good write up with info from Sophos in the article. Excerpt:

Quote:
The malware has been classified as a worm and spreads through AOL's Instant Messenger program, said Graham Cluley, senior technology consultant for Sophos, a security vendor.

Sophos is calling it W32.Cuebot-K, a new variation in the Cuebot family of malware. The worm has a range of malicious functions. After it's installed, the worm immediately tries to connect to two Web sites, a sign it may try to download other bad programs on the machine.

Cuebot-K can disable other software, shut off the Windows firewall, download new malicious programs, perform basic DDOS (distributed denial of service) attacks, scan local files and spawn a command prompt, Sophos said.

_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group