Spyware Removal Reviews

EXP/CVE-2011-3544.BL

Spyware Reviewer — Wed, 22 Feb 2012 15:12:08 +0000

Virus:	EXP/CVE-2011-3544.BL
Date discovered:	20/02/2012
Type:	Exploit
In the wild:	No
Reported Infections:	Low
Distribution Potential:	Low
Damage Potential:	Low
VDF version:	7.11.23.162 - Monday, February 20, 2012
IVDF version:	7.11.23.162 - Monday, February 20, 2012

General

Method of propagation:
• No own spreading routine

Alias:
• Eset: Java/TrojanDownloader.Agent.AD

Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
• Makes use of software vulnerability
• CVE-2011-3544

From EXP/CVE-2011-3544.BL at Spyware Removal Reviews.

W32.Ramnit.B!gen2

Spyware Reviewer — Wed, 22 Feb 2012 10:11:56 +0000

Discovered:: February 21, 2012
Updated:: February 21, 2012 4:35:41 PM
Type:: Virus
Systems Affected:: Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000

W32.Ramnit.B!gen2 is a heuristic detection that may include members of the W32.Ramnit.B family of threats.

Other resources
For more information, please see the following resource:
W32.Ramnit.B

Antivirus Protection Dates

Initial Rapid Release version February 21, 2012 revision 009
Latest Rapid Release version February 21, 2012 revision 009
Initial Daily Certified version February 21, 2012 revision 018
Latest Daily Certified version February 21, 2012 revision 018
Initial Weekly Certified release date pending

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Low
Number of Infections: 0 – 49
Number of Sites: 0 – 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy

From W32.Ramnit.B!gen2 at Spyware Removal Reviews.

EXP/2011-3544.BL.2

Spyware Reviewer — Wed, 22 Feb 2012 05:08:39 +0000

Virus:	EXP/2011-3544.BL.2
Date discovered:	20/02/2012
Type:	Exploit
In the wild:	No
Reported Infections:	Low
Distribution Potential:	Low
Damage Potential:	Low
VDF version:	7.11.23.162 - Monday, February 20, 2012
IVDF version:	7.11.23.162 - Monday, February 20, 2012

General

Method of propagation:
• No own spreading routine

Alias:
• Eset: Java/TrojanDownloader.Agent.AD

Side effects:
• Makes use of software vulnerability
• CVE-2011-3544

From EXP/2011-3544.BL.2 at Spyware Removal Reviews.

EXP/Pidief.aom

Spyware Reviewer — Tue, 21 Feb 2012 19:03:26 +0000

Virus:	EXP/Pidief.aom
Date discovered:	21/02/2012
Type:	Exploit
In the wild:	Yes
Reported Infections:	High
Distribution Potential:	Low
Damage Potential:	Low to medium
Static file:	No
VDF version:	7.11.23.180 - Tuesday, February 21, 2012
IVDF version:	7.11.23.180 - Tuesday, February 21, 2012

General

Method of propagation:
• By visiting infected websites

Aliases:
• Microsoft: Exploit:Win32/Pdfjsc.ZZ
• DrWeb: Exploit.PDF.2743

Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
• Drive-by download

From EXP/Pidief.aom at Spyware Removal Reviews.

HEUR/Modified.SystemFile

Spyware Reviewer — Mon, 20 Feb 2012 13:03:07 +0000

Virus:	HEUR/Modified.SystemFile
Type:	AHeAD Heuristic special detection
In the wild:	No
Reported Infections:	Low
Distribution Potential:	Low
Damage Potential:	Medium
Static file:	No

General

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
• Can be used to execute malicious code

From HEUR/Modified.SystemFile at Spyware Removal Reviews.

Adware/InstalCor.199

Spyware Reviewer — Mon, 20 Feb 2012 08:03:54 +0000

Virus:	Adware/InstalCor.199
Date discovered:	16/02/2012
Type:	Adware
In the wild:	No
Reported Infections:	Low
Distribution Potential:	Low
Damage Potential:	Low
Static file:	Yes
File size:	518272 Bytes
MD5 checksum:	8e80fc5ad2de1b27ba56b6d183425fd9
VDF version:	7.11.23.84 - Thursday, February 16, 2012
IVDF version:	7.11.23.84 - Thursday, February 16, 2012

General

Method of propagation:
• No own spreading routine

Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Right after execution the following information is displayed:

From Adware/InstalCor.199 at Spyware Removal Reviews.

Android.Pirator

Spyware Reviewer — Sun, 19 Feb 2012 17:04:13 +0000

Android.Pirator is a Trojan horse on the Android platform that downloads files and steals potentially confidential information from the compromised device.

Android package file
The Trojan may arrive as an APK package with the following characteristics:

Process Name
com.nubee.coinpirates

Version
1.0.6

From Android.Pirator at Spyware Removal Reviews.

TR/MicroFake.BA.2

Spyware Reviewer — Sat, 18 Feb 2012 01:02:47 +0000

Virus:	TR/MicroFake.BA.2
Date discovered:	04/10/2010
Type:	Trojan
In the wild:	No
Reported Infections:	Low
Distribution Potential:	Low
Damage Potential:	Low
File size:	7.680 Bytes
VDF version:	7.10.05.140
IVDF version:	7.10.12.118 - Monday, October 4, 2010

General

Method of propagation:
• No own spreading routine

Aliases:
   • Kaspersky: Trojan.Win32.MicroFake.ba
   • Bitdefender: Trojan.Microfake.D
   • Microsoft: Trojan:Win32/Orsam!rts
   • GData: Trojan.Microfake.D

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
• Can be used to execute malicious code
• Steals information

From TR/MicroFake.BA.2 at Spyware Removal Reviews.

Adware/Relevant.Q

Spyware Reviewer — Fri, 17 Feb 2012 15:05:24 +0000

Virus:	Adware/Relevant.Q
Date discovered:	09/01/2012
Type:	Adware
In the wild:	No
Reported Infections:	Medium
Distribution Potential:	Low
Damage Potential:	Low
Static file:	Yes
File size:	356.992 Bytes
MD5 checksum:	cbd0707569ec6cf952912ac4c42c37da
VDF version:	7.11.20.203 - Monday, January 9, 2012
IVDF version:	7.11.20.203 - Monday, January 9, 2012

General

Method of propagation:
• No own spreading routine

Aliases:
   • Kaspersky: WebToolbar.Win32.RK.cb
   • Bitdefender: Adware.Relevant.BA
   • Eset: Win32/Adware.RK.AB
   • GData: Adware.Relevant.BA
   • Authentium: W32/AdSpy.A
   • DrWeb: Adware.Relevant.78

Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

From Adware/Relevant.Q at Spyware Removal Reviews.

Adware/InstallCore.1.43

Spyware Reviewer — Fri, 17 Feb 2012 10:03:12 +0000

Virus:	Adware/InstallCore.1.43
Date discovered:	15/02/2012
Type:	Adware
In the wild:	No
Reported Infections:	Low
Distribution Potential:	Low
Damage Potential:	Low
Static file:	Yes
File size:	560136 Bytes
MD5 checksum:	3456518fd6fd89d582c1bc6f15c8e256
VDF version:	7.11.23.48 - Wednesday, February 15, 2012
IVDF version:	7.11.23.48 - Wednesday, February 15, 2012

General

Method of propagation:
• No own spreading routine

Aliases:
• Bitdefender: Gen:Variant.Application.InstallCore.1

Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Right after execution the following information is displayed:

From Adware/InstallCore.1.43 at Spyware Removal Reviews.