Check Point Advisories

Update Protections against Recent Malware Threats (19-Feb-09)

Vulnerability
Protection

Check Point Reference:	CPAI-2009-020
Date Published:	19 Feb 2009
Severity:	High
Last Updated:	Thursday 01 January, 2009
Source:	Win32.Cekar Variant Malware: WeatherStudio Malware: Antivirus XP 2008 Toolbar: Starware Videos Trojan: Win32.Agent.aah Trojan Downloader: Gen Trojan Downloader: Agent.vhb
Protection Provided by:
Who is Vulnerable?	Microsoft Windows clients
Vulnerability Description	Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network access to intrude upon organizations, destroying or stealing data. Spyware is computer software that is installed without the user's informed consent on a personal computer to intercept or take partial control over the user's interaction with the computer. Spyware programs can collect various types of personal information, install additional software, redirect Web browser activity, or divert advertising revenue to a third party. Adware is an advertising-supported software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. A Trojan horse is a program that installs malicious software while under the guise of doing something else.  Trojans are known for installing backdoor programs which allow unauthorized non permissible remote access to the victim's machine by unwanted parties with malicious intentions.
Vulnerability Details	The update includes new protections against 7 recent malware threats: Win32.Cekar Variant - Win32.Cekar Variant is a worm that contacts its controlling server to download malicious code. An infected host may download additional Trojans, and upload sensitive information like usernames and passwords. The worm slows down the network, the infected computer and re-directs the browser.  Malware: WeatherStudio - WeatherStudio is a browser hijacker application that hijacks the Internet Explorer start page, auto search, and search assistance to its controlling server. It also hijacks user searches on popular search engines. Malware: Antivirus XP 2008 - Antivirus XP 2008 (Winifixer) is a rogue, malicious backdoor Trojan that attempts to scare users into paying for useless anti-spyware protection by leading them to believe that their PCs are infected with malware applications. Once downloaded and installed it starts a fake scan on the victim's system and reports false system security threats on the computer. Toolbar: Starware Videos - Starware Videos Toolbar is a malware application which alters the browsers search settings and re-directs address bar keyword searches to search.cometsystems.com. Installs a browser search toolbar and when performing a google.com search, will create a new window of search results from cometsystems.com. Trojan: Win32.Agent.aah - Trojan Win32.Agent.aah downloads malicious programs to a user's computer without the user's consent. It makes changes to the Windows system and the Internet Explorer settings, and generates popup advertisements when the user is surfing the Internet. Trojan Downloader: Gen - Downloader Trojan Gen downloads and installs multiple unwanted applications of adware and malware from remote servers. It monitors the user's web activities and keeps prompting users with fake security center alerts. It will automatically launch rogue anti-viru

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our .