VIRUS ALERTS - December 13, 2005

Dec 12, 2005 9:00PM PST

Troj/Stinx-M

Type
Spyware Trojan

Aliases
BKDR_BREPLIBOT.M
Backdoor.Win32.Breplibot.n

Troj/Stinx-M is a backdoor Trojan for the Windows platform.

Troj/Stinx-M can be instructed to delete, download and execute files.

Sophos's anti-virus products include Genotype™ detection technology, which can proactively protect against new threats without requiring an update. Sophos customers have been protected against Troj/Stinx-M (detected as Troj/Stinx-Fam) since version 3.98.

http://www.sophos.com/virusinfo/analyses/trojstinxm.html

Troj/GrayBrd-I
Dec 13, 2005 3:04PM PST

Type Trojan

Aliases Backdoor.Win32.Hupigon.fv

Troj/GrayBrd-I is a backdoor Trojan which allows a remote intruder to gain
access and control over the computer.
Troj/GrayBrd-I includes functionality to access the internet and communicate
with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojgraybrdi.html

Troj/LegMir-RL
Dec 13, 2005 3:05PM PST

W32/Dref-J
Dec 13, 2005 3:06PM PST

Type Worm

W32/Dref-J is an email worm with backdoor Trojan functionality for the Windows
platform.
W32/Dref-J runs continuously in the background, providing a backdoor server
which allows a remote intruder to gain access and control over the computer via
TCP connections.
W32/Dref-J may arrive in an email message with the following characteristics:
Subject line: chosen from
Re
Resume
Your Files
Your Stuff
My Story
Message text: chosen from
here are the pictures you asked me to send you.
please read again what i have written to you !
here are the programms you asked me to mail you
here are the porn you asked me to show you...
just read it,its fantastic
Attached file: chosen from a list including
pictures.rar
info.rar
package1.rar
porn.rar
My Life.rar

http://www.sophos.com/virusinfo/analyses/w32drefj.html

W32/Tilebot-CK
Dec 13, 2005 3:07PM PST

Type Worm

Aliases Backdoor.Win32.SdBot.aad

W32/Tilebot-CK is a worm which attempts to spread to remote network shares and
messaging applications.
W32/Tilebot-CK also contains backdoor Trojan functionality, allowing
unauthorized remote access to the infected computer via IRC channels.
W32/Tilebot-CK spreads to network shares with weak passwords as a result of the
backdoor Trojan element receiving the appropriate command from a remote user.
W32/Tilebot-CK copies itself to the Windows folder with the filename smncs.exe
and creates a service named "Service Filter" in order to run itself on system
startup.
W32/Tilebot-CK allows a remote user to perform a wide range of actions on the
infected computer including downloading further files, setting registry entries
and stealing information from the computer including from protected storage
areas.
W32/Tilebot-CK will search for instances of IRC chat or instant message windows
of mIRC and AIM applications in order to attempt to spread.

http://www.sophos.com/virusinfo/analyses/w32tilebotck.html

W32/Tilebot-CI
Dec 13, 2005 3:07PM PST

Type Worm

W32/Tilebot-CI is a worm and IRC backdoor Trojan for the Windows platform.
W32/Tilebot-CI spreads to other network computers by exploiting common buffer
overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012),
PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares
protected by weak passwords.
The following patches for the operating system vulnerabilities exploited by
W32/Tilebot-CI can be obtained from the Microsoft website:
MS04-007
MS04-011
MS04-012
MS05-039

http://www.sophos.com/virusinfo/analyses/w32tilebotci.html

Troj/Dluca-AE
Dec 13, 2005 3:08PM PST

W32/Tilebot-CH
Dec 13, 2005 3:09PM PST

Type Worm

Aliases Backdoor.Win32.SdBot.aad

W32/Tilebot-CH is a worm and IRC backdoor Trojan for the Windows platform.
W32/Tilebot-CH can spread via common buffer overflow exploits including LSASS
(MS04-011), RPC-DCOM (MS04-012), and ASN.1 (MS04-007) and to weakly protected
network shares.
W32/Tilebot-CH runs continuously in the background, providing a backdoor server
which allows a remote intruder to gain access and control over the computer via
IRC channels.
W32/Tilebot-CH includes functionality to access the internet and communicate
with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/w32tilebotch.html

Troj/Bancban-LJ
Dec 13, 2005 3:10PM PST

Type Spyware Trojan

Aliases Trojan-Spy.Win32.Banker.of

Troj/Bancban-LJ is a password stealing Trojan for the Windows platform.
Troj/Bancban-LJ targets the customers of certain Brazilian online banking
websites by displaying fake interfaces and recording any details that are entered.
Troj/Bancban-LJ includes functionality to access the internet and communicate
with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojbancbanlj.html

Troj/Bancban-LI
Dec 13, 2005 3:11PM PST

Type Spyware Trojan

Aliases Trojan-Spy.Win32.Banker.ahy

Troj/Bancban-LI is a password stealing Trojan for the Windows platform.
Troj/Bancban-LI targets the customers of certain Brazilian online banking
websites by displaying fake interfaces and recording any details that are
entered.
Troj/Bancban-LI includes functionality to send notification messages to remote
locations.

http://www.sophos.com/virusinfo/analyses/trojbancbanli.html