Main Menu
Home
Bookmark
Contact Us

Categories
  Adware
  Adware Bundler
  AOL Exploit
  Backdoor
  Browser Hijacker
  Browser Plug-in
  Commercial Key Logger
  Commercial Remote Control
  Cookie
  Dialer
  E-Mail Flooder
  Hostile ActiveX Control
  ICQ Exploit
  Joke Program
  Key Logger
  Loader
  Low Risk Adware
  Misc
  Nuker
  P2P
  Password Hijacker
  Potential Privacy Risk
  Potentially Dangerous Tools
  RAT
  Search Hijacker
  Security Disabler
  Spyware
  Stealth Notifier
  Surveillance
  Toolbar
  Trojan
  Trojan Downloader
  Trojan FTP
  Trojan Telnet
  Viruses
  Worm
 


 
Messenger.VirusWarning Trojan Information

Name: Messenger.VirusWarning
Category: Trojan
Alias: - Alias: BankAsh-A, Banking Trojan, ASH
Advice: Remove
Risk: High Risk High risk threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction. May open up communication ports, use polymorphic tactics, stealth installations, and/or anti-spy counter measures. May use a security flaw in the operating system to gain access to your computer.
Description: The program runs approx every 10 mins and gives a pop-up message telling the user the computer is infected with a virus.

The popup message says:

"Warning! Your computer has been infected with a virus. Please fix and secure your computer immediately."

Installs a file called msmsgs.exe named after Windows MSN Messenger in the system folder (C:WindowsSystem...).

The Properties of the msmsgs.exe file are:
- Company Name: Eternal Order of the Impossible Triangle
- Internal Name: VirusWarning
- Original Filename: VirusWarning.exe
- Product Name: Project1
- Product Version: 1.00

If the file is removed, a new version of the program seems to be copied to the system32
directory every time I reboot.

The virus program was written with visual basic.

Possibly related to the trojan Gaobot.
Signatures: process: msmsgs.exe: MD5 Hash: 904dc0862e6d003b083... process: msmsgs.exe: MD5 Hash: ... process: msmsgs.exe: MD5 Hash: 5a47a910ed023b45a64..
Type: Trojan - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.



Top Trojan Visited Pages:
Tro.Downloader.loadadv - 408 visits
Enable Regedit - 191 visits
Java.ClassLoader.Dummy.d - 182 visits
Trojan.BankerSpy - 176 visits
RBot.steam - 85 visits
Startup.NameShifter.Xgtray - 76 visits
Tro.Bagle.SP - 58 visits
Trojan.BHO.NameShifter.EZ - 54 visits
LRPatch Trojan - 54 visits
Tro.YourStartingPage - 53 visits

Random Trojan Pages:
Trojan.BHO.NameShifter.W
Musdie 1.1 - Alias: Backdoor.Musdie.11
BHO.NameShifter.JC
Reg.HaltWin.b
Overwriting Sectors Trojan - Alias: 2272 Trojan
Trojan.BHO.NameShifter.BW
WootBot - Alias: WORM_WOOTBOT.CA
Trojan.Startup.NameShifter.IH
WGateScan 3.0
Trojan.BHO.AntiSpy - Alias: BankAsh-A, Banking Trojan, ASH


 

© 2006-2008 spyware32.com - Privacy Policy