Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - December 13, 2005

by roddy32 Dec 12, 2005 9:00PM PST

Troj/Stinx-M

Type
Spyware Trojan

Aliases
BKDR_BREPLIBOT.M
Backdoor.Win32.Breplibot.n

Troj/Stinx-M is a backdoor Trojan for the Windows platform.

Troj/Stinx-M can be instructed to delete, download and execute files.

Sophos's anti-virus products include Genotype? detection technology, which can proactively protect against new threats without requiring an update. Sophos customers have been protected against Troj/Stinx-M (detected as Troj/Stinx-Fam) since version 3.98.

http://www.sophos.com/virusinfo/analyses/trojstinxm.html

Discussion is locked

1 - 30 of 69 Posts
- Collapse + Expand Details
- Collapse -
W32/Cuebot-I
by roddy32 Dec 12, 2005 9:02PM PST

Type
Worm

Aliases
Backdoor.Win32.IRCBot.es
WORM_IRCBOT.CM

W32/Cuebot-I is a worm for the Windows platform.

W32/Cuebot-I spreads to other network computers by exploiting common buffer overflow vulnerabilities, including PNP (MS05-039).

Sophos's anti-virus products include Genotype? detection technology, which can proactively protect against new threats without requiring an update. Sophos customers have been protected against W32/Cuebot-I (detected as W32/Cuebot-Gen) since version 3.98.

http://www.sophos.com/virusinfo/analyses/w32cueboti.html

- Collapse -
Troj/Zapchas-AE
by roddy32 Dec 12, 2005 9:04PM PST

Type
Spyware Trojan

Aliases
Backdoor.IRC.Zapchast
IRC/Flood.mirc

Troj/Zapchas-AE is a Trojan for the Windows platform.

The Trojan utilizes the legitimate IRC client "mIRC" along with malicious configuration scripts to serve as a backdoor on infected computers.

http://www.sophos.com/virusinfo/analyses/trojzapchasae.html

- Collapse -
Troj/Ranck-DH
by roddy32 Dec 12, 2005 9:06PM PST
- Collapse -
W32/Tilebot-CE
by roddy32 Dec 12, 2005 9:08PM PST

Type
Worm

Aliases
Backdoor.Win32.SdBot.aad

W32/Tilebot-CE is a worm and backdoor Trojan for the Windows platform.

W32/Tilebot-CE spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04-007).

http://www.sophos.com/virusinfo/analyses/w32tilebotce.html

- Collapse -
Troj/QQRob-AO
by roddy32 Dec 12, 2005 9:10PM PST

Type
Spyware Trojan

Aliases
TSPY_QQROB.CB
Trojan-Downloader.Win32.Delf.acv

Troj/QQRob-AO is a downloader Trojan for the Windows platform.

Troj/QQRob-AO includes functionality to capture keystokes, download, install and run new software.

http://www.sophos.com/virusinfo/analyses/trojqqrobao.html

- Collapse -
Troj/DNSChan-B
by roddy32 Dec 12, 2005 9:11PM PST
- Collapse -
Troj/Small-EZ
by roddy32 Dec 12, 2005 9:13PM PST
- Collapse -
W32/Rbot-BBJ
by roddy32 Dec 12, 2005 9:15PM PST

Type
Worm

Aliases
Backdoor.Win32.Rbot.aju
W32/Sdbot.worm.gen.bh

W32/Rbot-BBJ is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BBJ spreads:

- to other network computers infected with: Troj/Kuang, Troj/Sub7, Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix
- to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812), WebDav (MS03-007), IIS5SSL (MS04-011) (CAN-2003-0719), UPNP (MS01-059), Veritas (CAN-2004-1172), Dameware (CAN-2003-1030) and ASN.1 (MS04-007)
- by copying itself to network shares protected by weak passwords

W32/Rbot-BBJ runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbbj.html

- Collapse -
W32/Rbot-BBK
by roddy32 Dec 12, 2005 9:18PM PST

Type
Worm

Aliases
Backdoor.Win32.Rbot.aie

W32/Rbot-BBK is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BBK spreads:

- to other network computers infected with: Troj/Kuang, Troj/Sub7, Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix
- to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812), WebDav (MS03-007), IIS5SSL (MS04-011) (CAN-2003-0719), UPNP (MS01-059), Veritas (CAN-2004-1172), Dameware (CAN-2003-1030), PNP (MS05-039) and ASN.1 (MS04-007)
- by copying itself to network shares protected by weak passwords

W32/Rbot-BBK runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbbk.html

- Collapse -
W32/Rbot-BBL
by roddy32 Dec 12, 2005 9:19PM PST

Type
Worm

W32/Rbot-BBL is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BBL runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbbl.html

- Collapse -
Troj/Bancban-LG
by roddy32 Dec 12, 2005 9:21PM PST

Type
Spyware Trojan

Aliases
Trojan-Spy.Win32.Banbra.df
PWS-Banker.gen.b
TSPY_BANKER.AUM

Troj/Bancban-LG is an Internet Banking Trojan for the Windows platform.

Troj/Bancban-LG includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojbancbanlg.html

- Collapse -
W32/Rbot-BBM
by roddy32 Dec 12, 2005 9:23PM PST

Type
Worm

W32/Rbot-BBM is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BBM runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbbm.html

- Collapse -
W32/Rbot-BBN
by roddy32 Dec 12, 2005 9:25PM PST

Type
Worm

W32/Rbot-BBN is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BBN runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbbn.html

- Collapse -
Troj/BankDl-Z
by roddy32 Dec 12, 2005 10:19PM PST
- Collapse -
Troj/Dloadr-ABP
by roddy32 Dec 12, 2005 10:21PM PST
- Collapse -
Troj/BagleDl-AM
by roddy32 Dec 12, 2005 10:23PM PST
- Collapse -
Troj/QQRob-AD
by roddy32 Dec 12, 2005 10:26PM PST

Type
Trojan

Aliases
Trojan-Spy.Win32.Delf.ld
TSPY_DELF.BK

Troj/QQRob-AD is a Trojan for the Windows platform.

Troj/QQRob-AD includes functionality to access the internet and communicate with a remote server via HTTP.

Troj/QQRob-AD may attempt to turn off various Anti-Virus and security related services in an attempt to stay undetected.

http://www.sophos.com/virusinfo/analyses/trojqqrobad.html

- Collapse -
Troj/QQPass-FC
by roddy32 Dec 12, 2005 10:27PM PST
- Collapse -
Troj/Dumador-CZ
by roddy32 Dec 12, 2005 10:29PM PST
- Collapse -
W32/Style-A
by roddy32 Dec 12, 2005 10:31PM PST

Type
Worm

Aliases
W32/Generic.d

W32/Style-A is a P2P worm for the Windows platform.

W32/Style-A copies itself to the floppy drive and folders likely to be shared by P2P applications.

W32/Style-A changes several registry entries in order to make the infected computer unusable.

http://www.sophos.com/virusinfo/analyses/w32stylea.html

- Collapse -
Troj/Small-FA
by roddy32 Dec 12, 2005 10:38PM PST

Type
Trojan

Aliases
Trojan-Downloader.Win32.Agent.zd

Troj/Small-FA is a Trojan for the Windows platform.

Troj/Small-FA includes functionality to access the internet and communicate with a remote server via HTTP.

When Troj/Small-FA is installed it creates the file <Windows> \volumeco.exe.

http://www.sophos.com/virusinfo/analyses/trojsmallfa.html

- Collapse -
Troj/LegMir-BX
by roddy32 Dec 12, 2005 10:40PM PST
- Collapse -
Troj/Agent-FP
by roddy32 Dec 12, 2005 10:42PM PST
- Collapse -
Troj/Dloadr-ABQ
by roddy32 Dec 12, 2005 10:58PM PST
- Collapse -
Troj/GrayBrd-D
by roddy32 Dec 12, 2005 11:01PM PST
- Collapse -
Troj/Downldr-EN
by roddy32 Dec 12, 2005 11:02PM PST
- Collapse -
Troj/Clicker-AJ
by roddy32 Dec 12, 2005 11:07PM PST

Type
Trojan

Aliases
Hoax.Win32.SpyWare.a
AdClicker-AJ

Troj/Clicker-AJ is a Trojan for the Windows platform.

Troj/Clicker-AJ displays a fake warning message informing the user of a computer
that it is infected. The user is then encouraged to click on a button, which
will result in a website being opened that sells a product purported to remove
the infection.

http://www.sophos.com/virusinfo/analyses/trojclickeraj.html

- Collapse -
Troj/Bancban-LH
by roddy32 Dec 12, 2005 11:09PM PST
- Collapse -
Troj/BankDl-AA
by roddy32 Dec 12, 2005 11:10PM PST
- Collapse -
Troj/GrayBrd-E
by roddy32 Dec 12, 2005 11:13PM PST

Type
Trojan

Aliases
Backdoor.Win32.GrayBird.eq
Backdoor.Graybird
BKDR_GRAYBIRD.EV
BackDoor-AWQ.b

Troj/GrayBrd-E is a backdoor Trojan which allows a remote intruder to gain access and control over the computer.

Troj/GrayBrd-E includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojgraybrde.html

Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info