regsrv.exe

April 15, 2009 10:17:00 AM CEST

Trojan-Dropper.Win32.Agent.albv – This Trojan has a malicious payload. It is a Windows PE EXE file. It is 23552 bytes in size. Installation The Trojan copies its executable file as follows: %WinDir%\system\svhost.exe In order to...

September 25, 2009 1:51:00 PM CEST

Backdoor.Win32.Clampi.a – This Trojan spy program is designed to steal confidential user data and remotely manage the victim machine. It is a Windows PE EXE file. It is 470 bytes in size. Installation When launched, the Trojan creates the following file: %AppData%\.exe

April 15, 2009 11:17:00 AM CEST

Trojan-Dropper.Win32.Agent.albv – This Trojan has a malicious payload. It is a Windows PE EXE file. It is 23552 bytes in size. Installation The Trojan copies its executable file as follows: %WinDir%\system\svhost.exe In order to ensure that the Trojan is launched automatically when the system is rebooted, the Trojan adds a link...

September 28, 2009 1:21:14 PM CEST

Trojan Downloader.Agent.UZM – A new Trojan Downloader was spammed today. Trojan is attached in zip archive to emails in HTML format with subject "Hot game" and body text that claims some Angelina Jolie or Lara Croft undressing game. xgame.zip attachment contains xgame.exe (20992B) which drops executes and deletes kernel driver C:\WINDOWS\System32\drivers\runtime.sys and downloads another downloader smartdrv.exe. runtime.sys runs injects and hides Iexplore.exe process and downloads another components. xgame.exe is detected as Trojan Downloader.Agent.UZM, smartdrv.exe is detected as Trojan Downloader.Agent.UZN, runtime.sys is detected as Trojan Downloader.Agent.THW and other downloaded components are detected as several variants of Trojan Backdoor.Ntrootkit.

October 5, 2009 3:55:41 PM CEST

I-Worm/Nuwar – We have a new wave of spammed mail messages containing link directing users to website where the worm could be downloaded. Emails contains short text and IP address of currently working pages with worm. In this case downloaded filename is withlove.exe and it's about 115kB in size. Websites and worm files changes every few minutes. AVG detects withlove.exe as I-Worm/Nuwar.L.

September 28, 2009 1:21:14 PM CEST

I-Worm/Nuwar – Propagation method of new Nuwar variant is still similar to its precedessors. Spammed mails with link in IP format directs users to the worm web pages where the users are prompted to download one of the worm files with the name funny.exe. Names of other downloadable files are kickme.exe and foolsday.exe. AVG detects this threat as I-Worm/Nuwar.R.

September 1, 2010 3:18:25 AM CEST

Zeus Botnet Attacks via FedEx Scam – Yesterday we discovered a new Zeus campaign. Most of the messages associated with the new spam campaign are linked to the Asprox botnet. This time, the focus is on FedEx. Most of the attachments start with either FedExDoc[randomnumbers].exe or FedExInvoice[randomnumbers].exe. Those attachments are recognized as the Bredolab Trojan, which will download the Zeus component. This Zeus variant [...]

September 28, 2009 1:21:14 PM CEST

I-Worm/Stration downloader – Latest Stration downloader spreads by email in messages with randomly generated subject and body with one EXE and one PDF file attached. EXE file is 20992B in size and it`s downloader itself which is detected by AVG as I-Worm/Stration.FJA. The file downloader tryes to download is already detected as I-Worm/Stration. More information about Stration worm familly can be found in the Virus Encyclopedia.

February 6, 2009 2:38:00 PM CET

Exploit.Win32.Agent.mee – This malicious program is a Trojan. It is a Windows PE EXE file. The size of infected files can range from 70KB to 260KB. It is not packed in any way. It is written in Delphi. Installation Once...

January 27, 2009 9:01:00 AM CET

Trojan-Downloader.Win32.QQHelper.aoc – This Trojan downloads other programs via the Internet and launches them for execution on the victim machine without the user’s knowledge or consent. It is a Windows PE EXE file. It is 20480...

» The Latest Computer Security News