WORMS, VIRUS and SCRIPTS

Publié le par SSTA



- Xorala: P1/P2




NB. Kav prevents the malware from being permanent, but not the creation of its files:





- Vulcano: P1/P2






- VB Fun Love: P1/P2




- IRC VBS: P1/P2





- Autoworm: F1/P2




- "Virus": P1/P2 (not known from Kav labs, uses keyboard hooks):







-Email worm Win32 Sircam: P1/P2





-Net worm Win32.Welchia.b: P1/P2









-Worm Win32.Mydoom variant: P1/P2













-Email worm.Win32.Warezov.aj: P1/P2










-Warezov variant: P1/P2

If this variant is not knwon from kav database (december 2006), the proactive module can prevent it from being permanent (registy guard):






-Bat destructive virus xfull: F1/P2




This old virus is destructive, and designed to delete system files: if we enable only the the proactive module, kav can't detect or deny files deletion (all files are removed, except files in used).


-Code Red variant: P1/P2





-NetSky variant: P1/P2:








-Gypsy Worm: P1/P2





-Worm Lupar: P1/P2





-Worm Tutiam: P1/P2






-Bagle variant: P1/P2



-Batch virus : P1/P2




As we see above, this file is not known by kav; that which is confirmed by the scan:



But...unseen here by the AV file protection, catched there by the proactive module:



If we deny the action ("invader" alert), the virus can't have access to system files ("access denied"):





-Virus.win32.Parite.b: P1/P2












NB. For those interested in some feature of some virus used here, we can suggest the reading of this pdf from Kaspersky lab ("Enhanced" virus protection, by Costain G. Raiu).











Publié dans KASPERSKY 6 TEST

Commenter cet article