SecuriTeam Blogs » Sunbelt: Test workstation infected with 50 VML-related malware

Sunbelt: Test workstation infected with 50 VML-related malware

September 20th, 2006 by Juha-Matti, Filed under: Web, Microsoft, Commentary, Virus

This Sunbelt report is almost frightening to read:

Sunbelt researcher Adam Thomas (who discovered the VML exploit yesterday) has cataloged what is installed with one installation he observed. Epic quantities of junk:
Virtumonde
Trojan-PSW.Win32.Sinowal.aq
BookedSpace Browser Plug-in
AvenueMedia.InternetOptimizer
Claria.GAIN.CommonElements
Mirar Toolbar

… etc.

Additionaly, several toolbars like Begin2Search Toolbar and stuff like SpySheriff were being installed silently. The exact number of items is 49.

A coverage list of US-CERT, ISC etc. references included too.