Check Point Advisories

Update Protections against Recent Malware Threats (1-Mar-09)

Check Point Reference: CPAI-2009-030
Date Published: 1 Mar 2009
Severity: High
Last Updated: Thursday 01 January, 2009
Source: Adware: PointGuide
LORD SPY PRO 1.4
Malware: Faceback.exe
Trojan-Dropper: Win32.Agent.wdv
Protection Provided by:
Who is Vulnerable? Microsoft Windows clients
Vulnerability Description Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network access to intrude upon organizations, destroying or stealing data.

Spyware is computer software that is installed without the user's informed consent on a personal computer to intercept or take partial control over the user's interaction with the computer. Spyware programs can collect various types of personal information, install additional software, redirect Web browser activity, or divert advertising revenue to a third party.

Adware is an advertising-supported software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used.

A Trojan horse is a program that installs malicious software while under the guise of doing something else.  Trojans are known for installing backdoor programs which allow unauthorized non permissible remote access to the victim's machine by unwanted parties with malicious intentions.

Vulnerability DetailsThe update includes new protections against 4 recent malware threats:

Adware: PointGuide - PointGuide is a trickler application that contacts remote servers and downloads malicious code onto a user's computer. It alters the Internet Explorer settings unexpectedly and generates pop-up advertisements occasionally.

LORD SPY PRO 1.4 - LORD SPY PRO 1.4 is a spyware and a keylogger that an attacker needs to send and execute on the victim's machine.

Malware: Faceback.exe - Malware application Faceback.exe downloads and executes many well-known malware from remote servers to a victim's computer without the user's consent. It also generates many pop-ups and advertisements on the user's desktop every few minutes. Faceback.exe is a very dangerous and infectious malware that can quickly infect the victim's system if it is not removed completely.

Trojan-Dropper: Win32.Agent.wdv - Trojan-Dropper.Win32.Agent.wdv downloads many other malicious files and Trojans without user's consent. It also hijacks the user's homepage without consent to a Chinese website.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK