Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - August 15, 2007

by Marianna Schmudlach / August 14, 2007 3:06 PM PDT

Troj/Dloadr-BDA

Type Trojan

Side effects Drops more malware
Downloads code from the internet

Troj/Dloadr-BDA is a Trojan for the Windows platform.

When first run Troj/Dloadr-BDA copies itself to <Windows>\svchost.exe and creates the following files:

<Common Files>\winctl.dll - Detected as Troj/Dloadr-BDA.
<Root>\oops.dll - Detected as Troj/Dloadr-BDA.
<Root>\pagefile.sys - Detected as Troj/Dloadr-BDA.

Protection available since 15 August 2007

http://www.sophos.com/security/analyses/trojdloadrbda.html

Discussion is locked
You are posting a reply to: VIRUS ALERTS - August 15, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - August 15, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/BankDl-CU
by Marianna Schmudlach / August 14, 2007 3:07 PM PDT

Type Trojan

Side effects Downloads code from the internet

Troj/BankDl-CU is a Trojan for the Windows platform.

The Trojan includes functionality to access the internet and communicate with a remote server via HTTP.

Protection available since 15 August 2007

http://www.sophos.com/security/analyses/trojbankdlcu.html

Collapse -
Troj/Banloa-EH
by Marianna Schmudlach / August 14, 2007 3:09 PM PDT
Collapse -
Troj/Dropper-QZ
by Marianna Schmudlach / August 14, 2007 3:10 PM PDT
Collapse -
Mal/SillyFDC-B
by Marianna Schmudlach / August 14, 2007 3:12 PM PDT
Collapse -
Troj/Banker-EIQ
by Marianna Schmudlach / August 14, 2007 3:13 PM PDT
Collapse -
Troj/Banker-EIO
by Marianna Schmudlach / August 14, 2007 3:15 PM PDT
Collapse -
Troj/Banker-EIP
by Marianna Schmudlach / August 14, 2007 3:16 PM PDT
Collapse -
Troj/Banker-EIR
by Marianna Schmudlach / August 14, 2007 3:18 PM PDT
Collapse -
W32/Looked-DS
by Marianna Schmudlach / August 14, 2007 3:20 PM PDT

Type Virus

Side effects Modifies data on the computer
Drops more malware
Downloads code from the internet
Reduces system security
Leaves non-infected files on computer

W32/Looked-DS is a virus and network worm for the Windows platform

http://www.sophos.com/security/analyses/w32lookedds.html

Collapse -
Troj/IESlice-A
by Marianna Schmudlach / August 14, 2007 3:21 PM PDT
Collapse -
Troj/DwnLdr-GXK
by Marianna Schmudlach / August 14, 2007 3:23 PM PDT
Collapse -
W32/Cekar-D
by Marianna Schmudlach / August 14, 2007 11:45 PM PDT
Collapse -
Mal/VBLame-A
by Marianna Schmudlach / August 14, 2007 11:47 PM PDT
Collapse -
VBS/TinyDwn-A
by Marianna Schmudlach / August 14, 2007 11:49 PM PDT
Collapse -
Mal/Behav-060
by Marianna Schmudlach / August 14, 2007 11:50 PM PDT
Collapse -
Troj/Mailbot-CG
by Marianna Schmudlach / August 14, 2007 11:55 PM PDT

Type Trojan

Side effects Allows others to access the computer
Reduces system security
Installs itself in the Registry

Aliases SpamTool.Win32.Agent.u
Spam-Xarvester trojan
Spammer:Win32/Agent.U

Troj/Mailbot-CG is a backdoor Trojan for the Windows platform

Protection available since 15 August 2007

http://www.sophos.com/security/analyses/trojmailbotcg.html

Collapse -
Mal/Banspy-D
by Marianna Schmudlach / August 14, 2007 11:57 PM PDT

Type Spyware Trojan

Side effects Steals credit card details
Steals information
Installs itself in the Registry
Monitors browser activity

Aliases Trojan-Spy.Win32.Bancos.u
PWS-Banker.gen.i trojan

Mal/Banspy-C is a family of Trojans for the Windows platform

Protection available since 15 August 2007

http://www.sophos.com/security/analyses/malbanspyd.html

Collapse -
Troj/Agent-GAM
by Marianna Schmudlach / August 14, 2007 11:58 PM PDT
Collapse -
Troj/Bckdr-QJF
by Marianna Schmudlach / August 15, 2007 12:00 AM PDT
Collapse -
worm W32/Kukoo-A - Cynical, Suicidal, Pathetic, Deranged
by Marianna Schmudlach / August 15, 2007 1:27 AM PDT

Cynical, Suicidal, Pathetic, Deranged

The worm W32/Kukoo-A was written by someone who is ostensibly screaming out for help. The author claims to wish for a visit from the Grim Reaper with a certain pathos in the choice of words:

More: http://www.sophos.com/security/blog/2007/08/491.html

Collapse -
W32.Lolurmom
by Marianna Schmudlach / August 15, 2007 3:12 AM PDT
Collapse -
Shark 2 dumbs down Trojan creation
by Marianna Schmudlach / August 15, 2007 3:20 AM PDT

Just when you thought it was safe to go back onto the internet...
By John Leyden

Published Wednesday 15th August 2007

Malign coders have created a new version of a tool that dumbs down the process of creating Trojan horse malware.

Shark 2 can be used to create Trojans capable of stealing confidential data, or backdoor programs that can be used to surreptitiously capture images from infected PCs, among other things.

The tool is being distributed via several underground internet forums. Software development is almost equivalent to that available from legitimate software vendors with regular updates to the code bringing the latest detected version up to version 2.3.2.

More: http://www.theregister.co.uk/2007/08/15/shark_trojan_creation_kit/

Collapse -
W32/Kies-A
by Marianna Schmudlach / August 15, 2007 5:11 AM PDT

Type Virus

Side effects Downloads code from the internet

Aliases Virus.Win32.Kies.b
Win32/Agent.NKN
PE_KIES.A

W32/Kies-A is a virus and network worm for the Windows platform

Protection available since 15 August 2007

http://www.sophos.com/security/analyses/w32kiesa.html

Collapse -
W32/Hoaix-A
by Marianna Schmudlach / August 15, 2007 5:13 AM PDT
Collapse -
Troj/Spywad-AR
by Marianna Schmudlach / August 15, 2007 5:15 AM PDT

Type Spyware Trojan

Aliases Hoax.Win32.Renos.hz
application Winfixer
TROJ_AGENT.AASC

Troj/Spywad-AR is a Trojan for the Windows platform.

Troj/Spywad-AR includes functionality to access the internet and communicate with a remote server via HTTP.

Troj/Spywad-AR may attempt to close certain notification windows related to anti-virus and security programs.


Protection available since 15 August 2007

http://www.sophos.com/security/analyses/trojspywadar.html

Collapse -
Troj/Agent-GAN
by Marianna Schmudlach / August 15, 2007 5:16 AM PDT
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

The Samsung RF23M8090SG

One of the best French door fridges we've tested

A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.