http://www.fortiguard.com/ en Copyright 2010 Fortinet Inc. All Rights Reserved Tue, 09 Feb 2010 02:40:07 -0800 http://www.fortiguard.com/ids/VID17972 http://www.fortiguard.com/ids/VID17972 Mon, 08 Feb 2010 00:00:00 -0800 http://www.fortiguard.com/ids/VID18125 http://www.fortiguard.com/ids/VID18125 Fri, 05 Feb 2010 00:00:00 -0800 http://www.fortiguard.com/ids/VID18118 http://www.fortiguard.com/ids/VID18118 Sun, 24 Jan 2010 00:00:00 -0800 http://www.fortiguard.com/ids/VID15805 http://www.fortiguard.com/ids/VID15805 Tue, 19 Jan 2010 00:00:00 -0800 http://www.fortiguard.com/ids/VID18121 http://www.fortiguard.com/ids/VID18121 Tue, 19 Jan 2010 00:00:00 -0800 Visible Symptoms

• The following files exist:
  
  
  • %Documents and Settings\[UserName]\Start Menu\Programs\Startup\rarype32.exe
  • %Documents and Settings\[UserName]\Application Data\avdrn.dat

]]> http://www.fortiguardcenter.com/ve?vn=W32/Bredolab.AC!tr.dldr http://www.fortiguardcenter.com/ve?vn=W32/Bredolab.AC!tr.dldr Mon, 18 Jan 2010 00:00:00 -0800 http://www.fortiguard.com/ids/VID18101 http://www.fortiguard.com/ids/VID18101 Tue, 12 Jan 2010 00:00:00 -0800 http://www.fortiguard.com/ids/VID17968 http://www.fortiguard.com/ids/VID17968 Mon, 11 Jan 2010 00:00:00 -0800 http://www.fortiguard.com/ids/VID17741 http://www.fortiguard.com/ids/VID17741 Tue, 05 Jan 2010 00:00:00 -0800 Visible Symptoms

• The following files exist:
  
  
  • %SYSTEM%\wmimngr.exe
  • %SYSTEM%\wpmgr.exe


• The following files exist under all the removable physical partitions:
  
  
  • autorun.inf
  • RECYCLER\S-1-6-21-2434476521-1645641927-702000330-1542\redmond.exe
  • RECYCLER\S-1-6-21-2434476521-1645641927-702000330-1542\Desktop.ini


• Possible firewall alert that an executable is attempting to connect to the Internet.

]]> http://www.fortiguardcenter.com/ve?vn=W32/AutoRun.BBC!worm http://www.fortiguardcenter.com/ve?vn=W32/AutoRun.BBC!worm Tue, 29 Dec 2009 00:00:00 -0800