Archive for July, 2006

Trojan.PPDropper.B Discovered Today

July 12, 2006

Trojan.PPDropper.B may arrive as a PowerPoint attachment in an email with the following headers:

From: [REMOVED]@gmail.com
To: Undisclosed-Recipient:;
Subject: [CHINESE CHARS]
Attachment: [CHINESE CHARS].ppt
When Trojan.PPDropper.B is executed, it performs the following actions:

Exploits an undocumented Microsoft PowerPoint remote code execution vulnerability using a malformed string when the attachment is opened in PowerPoint.
Drops and executes the following file, which is a variant of Backdoor.Bifrose.E:
%System%\regvrt.exe
Note: %System% [...]
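
The delivery pattern above (free webmail sender, recipients hidden behind "Undisclosed-Recipient:;", a non-ASCII subject and a .ppt attachment) can be screened for at the mail gateway before anyone opens the file. The following is an added example and not code from the original writeup or from Symantec: a Python triage routine run over a constructed lookalike message. The sample message, its placeholder Chinese subject text, the list of webmail domains and the verdict labels are assumptions of the example; the eight-byte OLE2 header it checks is the standard signature of binary Office files.

```python
import base64
import email
from email.header import Header, decode_header, make_header
from email.utils import getaddresses, parseaddr

# Header of the OLE2 compound document container used by binary Office files
# (.ppt, .doc, .xls). A ".ppt" without it is not a PowerPoint file at all.
OLE2_MAGIC = b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"

# Assumption: the writeup names only gmail.com; add other free webmail domains as needed.
WEBMAIL_DOMAINS = {"gmail.com"}


def build_sample_message(to="Undisclosed-Recipient:;", filename="agenda.ppt",
                         payload=OLE2_MAGIC + b"\x00" * 56):
    """Constructed lookalike of the lure, not the real sample: webmail sender,
    group-syntax recipient, RFC 2047 encoded CJK subject and a base64 attachment.
    The real lure also used Chinese characters in the filename; an ASCII name is
    used here so MIME parameter handling does not distract from the checks."""
    subject = Header("会议资料", "utf-8").encode()  # placeholder text, not the original subject
    body = base64.b64encode(payload).decode("ascii")
    text = (
        "From: someone@gmail.com\r\n"
        f"To: {to}\r\n"
        f"Subject: {subject}\r\n"
        "MIME-Version: 1.0\r\n"
        'Content-Type: multipart/mixed; boundary="b1"\r\n'
        "\r\n"
        "--b1\r\n"
        "Content-Type: text/plain\r\n"
        "\r\n"
        "Please review the attached file.\r\n"
        "--b1\r\n"
        f'Content-Type: application/octet-stream; name="{filename}"\r\n'
        f'Content-Disposition: attachment; filename="{filename}"\r\n'
        "Content-Transfer-Encoding: base64\r\n"
        "\r\n"
        f"{body}\r\n"
        "--b1--\r\n"
    )
    return text.encode("utf-8")


def triage_message(raw):
    """Evaluate one raw RFC 822 message against the delivery pattern and return every
    indicator separately, so an analyst can see which ones fired, plus a verdict."""
    msg = email.message_from_bytes(raw)
    subject = str(make_header(decode_header(msg.get("Subject", ""))))
    recipients = [addr for _, addr in getaddresses([msg.get("To", "")]) if addr]
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()

    attachments = []
    for part in msg.walk():
        if part.get_content_disposition() != "attachment":
            continue
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        attachments.append({
            "name": name,
            "is_ppt": name.endswith(".ppt"),
            # True for a genuine binary PowerPoint file. The exploit lives inside a
            # well-formed container, so this does not clear the file; it only tells
            # a renamed executable apart from a real document.
            "ole2_container": data.startswith(OLE2_MAGIC),
        })

    result = {
        "undisclosed_recipients": not recipients,  # "Undisclosed-Recipient:;" yields no addresses
        "webmail_sender": sender_domain in WEBMAIL_DOMAINS,
        "cjk_subject": any("\u4e00" <= ch <= "\u9fff" for ch in subject),
        "attachments": attachments,
    }
    ppt_attached = any(a["is_ppt"] for a in attachments)
    if ppt_attached and result["undisclosed_recipients"]:
        result["verdict"] = "quarantine"  # the PPDropper.B delivery pattern
    elif ppt_attached:
        result["verdict"] = "sandbox"     # detonate or convert before release
    else:
        result["verdict"] = "allow"
    return result


if __name__ == "__main__":
    print(triage_message(build_sample_message()))
```

Two caveats apply. The individual indicators are weak on their own (plenty of legitimate mail goes to undisclosed recipients, and plenty comes from gmail.com), which is why the verdict keys on the combination rather than any single header. And a positive OLE2 check is expected for this lure, because the exploit is a malformed structure inside an otherwise valid PowerPoint container; treat it as a sanity check on the file type, never as a clean bill of health.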

Backdoor.Haxdoor.N Discovered Today

July 12, 2006

When Backdoor.Haxdoor.N is executed, it performs the following actions:

Drops the following files:

%System%\qo.dll
%System%\qo.sys
%System%\dvb03a.dll
%System%\dvb03a.sys
%System%\dvb06a.sys
Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

Creates the following files to store the gathered information:

%System%\klo5.sys
%System%\lps.dat
%System%\dt163.dt
%System%\m012741.dat
%System%\tn145.dat
%System%\rddom.a3d
%System%\r85064.dat
%System%\wmx.a3d

Hides all of the above files using a rootkit.
Creates the services dvb03a [...]

W32.Looked.P Discovered Today

July 12, 2006

When W32.Looked.P is executed, it performs the following actions:

Creates the following files:

%Windir%\rundl132.exe – a copy of W32.Looked.P
%CurrentFolder%\vDll.dll – a copy of Downloader
Note:
%System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%CurrentFolder% is a variable that refers to the folder where the [...]
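
Because Backdoor.Haxdoor.N hides its dropped files with a rootkit, a directory listing taken on the running host is not a reliable place to look for the paths in the writeup above; comparing that live listing with one taken from the volume offline (a mounted disk image, or a boot from clean media) exposes the entries the rootkit filters out. The following is an added example and not Symantec's code: it expands the %System%, %Windir% and %CurrentFolder% placeholders used in the Haxdoor.N and Looked.P writeups into concrete paths for each Windows family, matches them against a file listing, and performs that cross-view comparison on constructed listings. Reading %Windir% as the Windows installation folder (C:\Windows, or C:\Winnt on NT/2000) is an assumption, since the page's own note on it is cut off, and so is the default desktop folder used for %CurrentFolder%.

```python
import ntpath

# Default System folder per Windows family, from the %System% note in the writeups.
SYSTEM_DIR = {
    "9x": r"C:\Windows\System",    # Windows 95/98/Me
    "nt": r"C:\Winnt\System32",    # Windows NT/2000
    "xp": r"C:\Windows\System32",  # Windows XP
}
# Assumption: %Windir% is the Windows installation folder (the page's note on it is cut off).
WINDIR = {"9x": r"C:\Windows", "nt": r"C:\Winnt", "xp": r"C:\Windows"}

# File indicators transcribed from the Haxdoor.N and Looked.P writeups above.
INDICATORS = {
    "Backdoor.Haxdoor.N": [
        r"%System%\qo.dll", r"%System%\qo.sys", r"%System%\dvb03a.dll",
        r"%System%\dvb03a.sys", r"%System%\dvb06a.sys", r"%System%\klo5.sys",
        r"%System%\lps.dat", r"%System%\dt163.dt", r"%System%\m012741.dat",
        r"%System%\tn145.dat", r"%System%\rddom.a3d", r"%System%\r85064.dat",
        r"%System%\wmx.a3d",
    ],
    "W32.Looked.P": [r"%Windir%\rundl132.exe", r"%CurrentFolder%\vDll.dll"],
}


def expand(template, variant, current_folder):
    """Resolve a writeup path with %...% placeholders to a concrete, case-folded path."""
    path = (template.replace("%System%", SYSTEM_DIR[variant])
                    .replace("%Windir%", WINDIR[variant])
                    .replace("%CurrentFolder%", current_folder))
    return ntpath.normcase(path)  # lower-case and backslash-normalise, Windows style


def match_indicators(listing, variant="xp",
                     current_folder=r"C:\Documents and Settings\user\Desktop"):
    """Return {threat: [indicator templates found]} for a listing of full paths.
    The default current folder is an assumption: Looked.P drops vDll.dll next to
    wherever it was run from, so pass the real folder when it is known."""
    present = {ntpath.normcase(p) for p in listing}
    hits = {}
    for threat, templates in INDICATORS.items():
        found = [t for t in templates if expand(t, variant, current_folder) in present]
        if found:
            hits[threat] = found
    return hits


def cross_view_hidden(live_listing, raw_listing):
    """Paths present on the raw volume but missing from the live directory API:
    exactly what a rootkit that filters directory enumeration produces."""
    live = {ntpath.normcase(p) for p in live_listing}
    raw = {ntpath.normcase(p) for p in raw_listing}
    return sorted(raw - live)


# Constructed listings for the example (not real forensic data): what the live
# directory API reports on an infected XP host, and what the same folders contain
# when the disk is read offline. The rootkit hides Haxdoor's files from the first.
LIVE_LISTING = [
    r"C:\Windows\System32\kernel32.dll",
    r"C:\Windows\System32\ntoskrnl.exe",
    r"C:\Windows\rundl132.exe",
]
RAW_LISTING = LIVE_LISTING + [
    r"C:\Windows\System32\qo.dll",
    r"C:\Windows\System32\qo.sys",
    r"C:\Windows\System32\dvb03a.sys",
    r"C:\Windows\System32\klo5.sys",
]


def analyse(live=LIVE_LISTING, raw=RAW_LISTING):
    """Run both checks and report what the live view missed."""
    return {
        "live_hits": match_indicators(live),
        "raw_hits": match_indicators(raw),
        "hidden": cross_view_hidden(live, raw),
    }


if __name__ == "__main__":
    for key, value in analyse().items():
        print(f"{key}: {value}")
```

On the constructed data the live listing only surfaces Looked.P's rundl132.exe, while the offline listing also surfaces four Haxdoor.N files, and the cross-view difference is exactly those four hidden paths. The same approach works for the services the writeup says Haxdoor creates: compare the service list from the running system with the one read from the registry hive offline.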