Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - August 31, 2004

Discussion is locked
You are posting a reply to: VIRUS ALERTS - August 31, 2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - August 31, 2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
W32/Rbot-HK

In reply to: VIRUS ALERTS - August 31, 2004

Aliases Backdoor.Spyboter.bw
W32/Sdbot.worm.gen.g
W32.Randex.gen
BKDR_SDBOT.CF

Type Worm

W32/Rbot-HK is a network worm which contains IRC backdoor Trojan functionality, allowing unauthorised remote access to the infected computer.

http://www.sophos.com/virusinfo/analyses/w32rbothk.html

Collapse -
W32/Rbot-HL

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
Troj/AgentSpy-B

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
Troj/StartPa-CI

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
W32/Rbot-HM

In reply to: VIRUS ALERTS - August 31, 2004

Type Worm

W32/Rbot-HM is a worm which attempts to spread to remote network shares. It also contains backdoor Trojan functionality, allowing unauthorised remote access to the infected computer via IRC channels while running in the background as a service process.

http://www.sophos.com/virusinfo/analyses/w32rbothm.html

Collapse -
Troj/Istbar-BO

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
Troj/HacDef-K

In reply to: VIRUS ALERTS - August 31, 2004

Aliases Backdoor.HacDef.e
BKDR_HACDEF.D

Type Trojan

Troj/HacDef-K is a backdoor Trojan that allows unauthorised remote access to the infected computer. Troj/HacDef-K also hides information about the infected system, making it more difficult to detect and delete.

http://www.sophos.com/virusinfo/analyses/trojhacdefk.html

Collapse -
W32/Rbot-HO

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
Troj/Metared-A

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
W32/Rbot-HN

In reply to: VIRUS ALERTS - August 31, 2004

Type Worm

W32/Rbot-HN is a member of the W32/Rbot family of worms with
backdoor functionality.
These worms allows a malicious user remote access to an infected
computer via the IRC network.
W32/Rbot-HN spreads by scanning computers on the internet for
various vulnerabilities.
In order to run automatically when Windows starts up the Worm
copies itself to the file muamgrd.exe in the Windows system
folder and registers itself as the service process muamgrd.


http://www.sophos.com/virusinfo/analyses/w32rbothn.html

Collapse -
W32/Agobot-MG

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
Troj/Delf-KX

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
Troj/StartPa-CU

In reply to: VIRUS ALERTS - August 31, 2004

Aliases VBS/Psyme
Trojan.Win32.StartPage.lx
TrojanDownloader.JS.gen
JS/Psyme.F@dl

Type Trojan

Troj/StartPa-CU makes changes to browser settings without informing
the user.
Troj/StartPa-CU attempts to connect to a predetermined web address.
As a result, the Trojan may display advertising popups of an adult nature.
Troj/StartPa-CU attempts to run an executable component by the codebase
exploit. The Trojan also exploits the ADODB.Stream vulnerability.

http://www.sophos.com/virusinfo/analyses/trojstartpacu.html

Collapse -
W32/Rbot-HP

In reply to: VIRUS ALERTS - August 31, 2004

Aliases Backdoor.Win32.Rbot.bh

Type Worm

W32/Rbot-HP is a worm with backdoor Trojan functionality.
W32/Rbot-HP connects to an IRC server and waits for backdoor
commands.
W32/Rbot-HP may spread to computers on the local network
protected by weak passwords and by exploiting a number of
software vulnerabilities.

http://www.sophos.com/virusinfo/analyses/w32rbothp.html

Collapse -
Troj/Istbar-DW

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
W32/Agobot-ML

In reply to: VIRUS ALERTS - August 31, 2004

Aliases Backdoor.Agobot.gen
W32/Gaobot.worm.gen.d
Win32/Agobot.3.AEN

Type Worm

W32/Agobot-ML is an IRC backdoor Trojan and network worm which can copy itself into shared network folders and send emails to contacts found in the Windows Address Book with copies of itself included as an executable attachment.
W32/Agobot-ML can move itself into the Windows system folder and set registry entries to ensure that it is executed automatically upon restart.
W32/Agobot-ML can terminate security-related processes and steal data from network traffic. The following vulnerabilities can also be exploited to aid propagation on unpatched systems and manipulate registry keys:
Remote Procedure Call (RPC) vulnerability.
Distributed Component Object Model (DCOM) vulnerability.
RPC Locator vulnerability.
IIS5/WEBDAV Buffer Overflow vulnerability.
For more information about these Windows vulnerabilities, please refer to the following Microsoft Security Bulletins:
Microsoft Security Bulletin MS03-001
Microsoft Security Bulletin MS03-007
Microsoft Security Bulletin MS03-039
W32/Agobot-ML can also initiate denial-of-service (DoS) and distributed denial-of-service (DDoS) synflood / httpflood / fraggle / smurf etc attacks against remote systems.

http://www.sophos.com/virusinfo/analyses/w32agobotml.html

Collapse -
Troj/BagleDl-A

In reply to: VIRUS ALERTS - August 31, 2004

Collapse -
Troj/BagleDl-A

In reply to: VIRUS ALERTS - August 31, 2004

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GRAMMYS 2019

Here's Everything to Know About the 2019 Grammys

Find out how to watch the Grammy Awards if you don't have cable and more.