Trojan Horses Definitions(g) - Gamqowi

Gamqowi

Category: Trojan

Risk: Severe Risk

* Severe threats are typically remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction, and exploits are in the wild. There is a high possibility of system damage or a security flaw. The attacker has complete control over your computer or can install new software on your machine.

Description: This trojan installs itself as a spam proxy, disables security processes and hijacks the hosts file.

Alias: WORM_GAMQOWI.A

Signatures:

Updated: 02/17/2006
Copyright @2006 THR Computer Solutions: Gamqowi