Trojan-Downloader.Zlob.Media-Codec
Trojan-Downloader.Zlob.Media-Codec is a trojan that installs rogue security software on the infected machine without notice and consent. It purports to be a needed codec or upgrade to Windows Media Player when users attempt to watch certain adult/porn videos to trick the user into downloading it. Once downloaded, it contacts remote servers and initiates the download of rogue security software such as SpywareQuake.
Trojan.FakeAlert (formerly DesktopScam)
This program is used to trick the affected user into purchasing certain security applications. Trojan.FakeAlert will display false warnings that the computer is infected and uses a fake Windows update globe to trick the user into thinking that Microsoft Windows is reporting a spyware infection. Clicking on this notification directs the user to a pre-defined website to order malware removal software.
Virtumonde
Virtumonde is an adware program that displays pop-up advertisements on the desktop and also downloads other software from various remote servers. There are many variants of Virtumonde, some with trojan-like behaviors including downloading other software without notice and consent, transmitting information to remote servers without notice and consent, and lowering system security on the infected machine.
Zango.CommonElements
Zango.CommonElements is a collection of traces that are found in multiple adware programs from 180solutions and includes files and registry keys present in more than one 180solutions/Zango application.
WinSpy
WinSpy is a surveillance tool that allows the user to monitor activities of all users on the machine. It tracks browser history, Internet cache, cookies, most recently used documents (MRUs), search history, recently run programs, and open/save dialogues.
Zango.SearchAssistant
Zango.SearchAssistant opens new browser windows showing websites based on the previous websites you visit. The adware will run in the background on a computer and will periodically direct users to other sponsors' websites, allowing users to compare prices between websites.
SpySheriff
SpySheriff is a purported antispyware application to scan for and remove spyware from users' computers. SpySheriff is known to be distributed through exploits that also download adware or spyware on users' computers without notice or consent. When SpySheriff is downloaded through an exploit, it puts a red icon in the system tray and shows a false warning that the computer is infected with spyware.
Command Service
Command Service is an adware application that opens pop-ups and displays various types of advertising on the user's desktop while browsing web pages. Command Service is installed by a number of drive-by downloaders, including IE-Plugin.
180solutions.SearchAssistant
An adware application that monitors users' search queries and web surfing in order to display targeted advertising, 180solutions.Search Assistant opens new browser windows on the user's desktop based on search keywords and browser activity. The user's browsing history and search queries are monitored and transmitted to 180solutions' server in order to show ads, usually pop-ups.
Trojan-Downloader.Gen
Trojan-Downloader.Gen is a trojan downloader typically installed through an exploit or some other deceptive means that facilitates the download and installation of other malware and unwanted software onto a victim's PC.
Top 10 Spyware Threats for January 2007
- Trojan-Downloader.Zlob.Media-C
- Trojan.FakeAlert
- Virtumonde
- SpySheriff
- Zango.SearchAssistant
- Trojan.Vxgame
- Trojan-Downloader.Gen
- Trojan.Smitfraud
- Command Service
- 180solutions.SearchAssistant
Sunbelt Software Announces Top Ten Spyware Threats for January.
February 7, 2007 -- Sunbelt Software, a leading provider of Windows security software, today announced the top ten most prevalent spyware threats for the month of January.
Trojan-Downloader.Zlob.Media-Codec
Trojan-Downloader.Zlob.Media-Codec is a trojan that installs rogue security software on the infected machine without notice and consent. It purports to be a needed codec or upgrade to Windows Media Player when users attempt to watch certain adult/porn videos to trick the user into downloading it. Once downloaded, it contacts remote servers and initiates the download of rogue security software such as SpywareQuake.
Trojan.FakeAlert (formerly DesktopScam)
This program is used to trick the affected user into purchasing certain security applications. Trojan.FakeAlert will display false warnings that the computer is infected and uses a fake Windows update globe to trick the user into thinking that Microsoft Windows is reporting a spyware infection. Clicking on this notification directs the user to a pre-defined website to order malware removal software.
Virtumonde
Virtumonde is an adware program that displays pop-up advertisements on the desktop and also downloads other software from various remote servers. There are many variants of Virtumonde, some with trojan-like behaviors including downloading other software without notice and consent, transmitting information to remote servers without notice and consent, and lowering system security on the infected machine.
SpySheriff
SpySheriff is a purported antispyware application to scan for and remove spyware from users' computers. SpySheriff is known to be distributed through exploits that also download adware or spyware on users' computers without notice or consent. When SpySheriff is downloaded through an exploit, it puts a red icon in the system tray and shows a false warning that the computer is infected with spyware.
Zango.SearchAssistant
Zango.SearchAssistant opens new browser windows showing websites based on the previous websites you visit. The adware will run in the background on a computer and will periodically direct users to other sponsors' websites, allowing users to compare prices between websites.
Trojan.Vxgame
A trojan that silently downloads malware from the internet and lowers the system's security settings by disabling the Windows firewall. It also has backdoor functionality and sometimes uses cloaking (rootkit) technology to hide its presence from the user.
Trojan-Downloader.Gen
Trojan-Downloader.Gen is a trojan downloader typically installed through an exploit or some other deceptive means and that facilitates the download and installation of other malware and unwanted software onto a victim's PC.
Trojan.Smitfraud
Trojan.Smitfraud downloads and installs programs that purport to scan for adware and spyware and typically display false reports of spyware in order to frighten the user into paying for the program.
download the fix for Trojan.Smitfraud
Command Service
Command Service is an adware application that opens pop-ups and displays various types of advertising on the user's desktop while browsing web pages. Command Service is installed by a number of drive-by downloaders, including IE-Plugin.
180solutions.SearchAssistant
An adware application that monitors users' search queries and web surfing in order to display targeted advertising. 180solutions.Search Assistant opens new browser windows on the user's desktop based on search keywords and browser activity. The user's browsing history and search queries monitored and transmitted to 180solutions' server in order to show ads, usually pop-ups.
About Sunbelt Software’s Threat Research Center
The Sunbelt Software Threat Research Center specializes in the discovery and analysis of dangerous vulnerabilities (i.e., security holes, bugs, maligned features or combination of operations) that could be exploited for Internet and email attacks. The research team actively researches new spyware outbreaks, creating and testing new spyware definitions on a constant basis. For detailed spyware research information and to view the top ten spyware in real-time please visit
research.sunbelt-software.com
Report a broken link here
click
to show / hide the Top 10 Threats for January