Friday, January 9, 2009

2008's Top 10 Malware/Spyware Infections

If you’re a PC user, you can’t help but deal, on an almost daily basis, with the ongoing menace of malware and spyware infections. Most of your time on the computer is likely spent on the internet, and with that comes the risk of contracting these dangerous PC “diseases”. It is necessary to take precautions against these threats, and it is important to know what you can do and what you’re up against. Some simple steps you can take are installing antivirus, antispyware and antispam software, switching to the safest web browsers, being wary of which websites you visit and not opening attachments from unknown senders or sources.

According to Sunbelt Software, the below are the top ten most common malware and spyware infections of 2008.

1. Trojan-Downloader.Zlob.Media-Codec
Trojan-Downloader.Zlob.Media-Codec frequently performs silent downloads and installs rogue security programs, and in some cases other malware as well.

2. Trojan.FakeAlert
Trojan.FakeAlert displays false warnings when rogue security software is installed, generally by exploits. The warnings are a scare tactic meant to motivate the user to buy the rogue software.

3. Virtumonde
Some variants of Virtumonde include the following Trojan-like characteristics: downloading other software without notice or consent, transferring information to remote servers without notice or consent and lowering system security on the infected computer. Some of these variants are resistant to removal.

4. ClickSpring.PuritySCAN
PurityScan sends the PC user's browsing history back to the vendor, who serves ads tailored to the user’s browsing habits; these appear as pop-ups on the desktop. It has been known to install through security exploits and may bundle and/or download other adware applications. The End User License Agreement (EULA) states that the vendor, ClickSpring LLC, may automatically uninstall, upgrade or update the company's software and, in addition, install other applications at any time without further notification.

5. Trojan.NewMediaCodec
Trojan.NewMediaCodec often claims to be a necessary upgrade to Windows Media Player that makes viewing adult-oriented videos on certain websites possible. What it actually does is download and install additional malware on the user's PC.

6. Adware.NetAdware.Gen
Adware.NetAdware.Gen will also display false security notifications and warnings from the system tray in a balloon type pop-up. Sometimes it will download other malware to the infected machine. Via backdoor functionality, some variants give the remote attacker the capability of controlling and using the infected PC for malicious purposes.

7. Trojan-Downloader.braviax
Braviax is a Trojan which displays alarming alerts on the desktop notifying the user of alleged malware infections. These are intended to coerce users into purchasing rogue anti-malware applications that will clear the “infections”.

8. Backdoor.Rbot
This is a group of threats which can spread through security exploits, networks, IRC (Internet Relay Chat) servers and at times with other malware. After its installation, Rbot lets the attacker take control of a machine remotely and carry out various commands. The user's PC can then be used as a spam relay or to take part in a denial of service (DoS) attack. Different versions of the worm can steal passwords and other data from the infected computer, decrease security settings and deactivate antivirus programs. Rbot variants are also known to steal game and application license keys. Later variants of Rbot may use the kernel-mode FU Rootkit to conceal itself from Windows and from the user.

9. Trojan.in-t-e-r-n-e-t
Trojan.in-t-e-r-n-e-t may be installed as a driver in the infected machine. It is generally installed through the use of exploits. Newer variants of Trojan.in-t-e-r-n-e-t send information to sites dealing with advertising and may be involved with click fraud.

10. Backdoor.SDBot
Depending on the variant, SdBot can copy itself right into the Windows System Directory, or other directories within the Windows System Directory. By modifying “Run” keys in the registry, it positions itself in the Windows startup. SdBot uses IRC (Internet Relay Chat) to wait for other commands from the malicious attacker. From there, the attacker can remotely execute commands for many functions including cloning and updating SdBot itself, deleting and/or downloading files, capturing the screen and/or keystrokes, logging and transmitting machine and user information, sending UDP and ICMP packets to remote computers, etc. SdBot can also disable the victim system’s antivirus software.
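
The Run-key persistence described for SdBot can be audited offline from saved `reg query` output. The following is an added example, not code from the original post or from Sunbelt Software; the sample output, the known-good list and the `C:\Windows` install path are constructed assumptions, and a hit is a candidate for review rather than a verdict.

```python
import re
from ntpath import normpath

# Constructed sample of `reg query` output for the two Run keys (not real data).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Example Updater    REG_SZ    "C:\Program Files\Example\updater.exe" /background
    Example Loader    REG_SZ    C:\WINDOWS\system32\example-svc32.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Example Helper    REG_SZ    C:\Windows\System32\drivers\..\example-helper.exe -s
"""

VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
ENV = {"%windir%": r"C:\Windows", "%systemroot%": r"C:\Windows"}  # assumed install path
SYSTEM_DIR = r"c:\windows\system32"

def target_path(command):
    """Return the normalized, lower-cased executable path of a Run command line."""
    for var, value in ENV.items():
        # A callable replacement keeps the backslashes in the path literal.
        command = re.sub(re.escape(var), lambda m: value, command, flags=re.I)
    m = re.match(r'\s*"([^"]+)"', command) or re.match(r"\s*(.+?\.exe)\b", command, re.I)
    return normpath(m.group(1)).lower() if m else ""

def audit_run_keys(text, known_good=frozenset()):
    """List (key, value name, path) for Run entries that start from the system directory."""
    findings, key = [], None
    for line in text.splitlines():
        if line.startswith("HKEY_"):      # key header line, no indentation
            key = line.strip()
            continue
        m = VALUE_LINE.match(line)
        if not m or key is None:
            continue
        path = target_path(m["data"])     # normpath also collapses "..\" tricks
        if path.startswith(SYSTEM_DIR + "\\") and path not in known_good:
            findings.append((key, m["name"], path))
    return findings

# Reviewer-maintained list of expected entries (assumption for this sample).
KNOWN_GOOD = {r"c:\windows\system32\securityhealthsystray.exe"}

if __name__ == "__main__":
    for key, name, path in audit_run_keys(SAMPLE, KNOWN_GOOD):
        print(f"REVIEW {key} :: {name} -> {path}")
```
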

For those of you searching for a free tool for removing malware or spyware from your computer, VIPRE Antivirus + Antispyware provides PC users with a free 15-day full trial. You will not be required to provide any credit card information for complete remediation. Any dangerous infections will be either removed or quarantined without any cost to you during the trial period. Try VIPRE Antivirus PLUS Antispyware software now!

It is a pretty safe bet that the number of malware and spyware threats will only become greater and more developed. A dependable firewall is becoming more vital to guard PC users against future variations of malware, spyware, rootkits, trojans, viruses and more. You can get a free version of the Sunbelt Personal Firewall here.

Have a cyber-safe 2009, free of malware/spyware!
