Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - December 17, 2005

by roddy32 Dec 16, 2005 11:57PM PST

Discussion is locked

20 Posts
- Collapse + Expand Details
- Collapse -
Troj/StartPa-IW
by roddy32 Dec 16, 2005 11:59PM PST

Type
Trojan

Aliases
Trojan.Win32.StartPage.aw

Troj/StartPa-IW is a Trojan for the Windows platform.

Troj/StartPa-IW includes functionality to access the internet and communicate with a remote server via HTTP.

The Trojan downloads additional files which may define further behavior.

http://www.sophos.com/virusinfo/analyses/trojstartpaiw.html

- Collapse -
Troj/Drsmartl-C
by roddy32 Dec 17, 2005 12:01AM PST
- Collapse -
Dial/Stardial-D
by roddy32 Dec 17, 2005 12:06AM PST
- Collapse -
Troj/BluEye-D
by roddy32 Dec 17, 2005 12:08AM PST

Type
Spyware Trojan

Aliases
Trojan-Spy.Win32.Agent.t
W32/PWStealer.Z
W32/Agent.AY
PWS-IT
PWS-IT.kit trojan

Troj/BluEye-D is a Backdoor generator toolkit. It is capable of recording keystrokes and opening a backdoor to allow access to the command shell on victim's computer. The keystrokes will be saved in a log file which an intruder can access via the backdoor.

http://www.sophos.com/virusinfo/analyses/trojblueyed.html

- Collapse -
W32/Dasher-C
by Marianna Schmudlach Dec 17, 2005 10:00AM PST

Type Worm

W32/Dasher-C is a worm for the Windows platform.
W32/Dasher-C spreads by exploiting various vulnerability includes the following:
WINS vulnerability (MS04-045)
WINDOWS PNP vulnerability (MS05-039)
MSDTC vulnerability (MS05-051)
MSSQL Authentication vulnerability (MS02-056)
W32/Dasher-C will attempt to disable auto starting of Windows Update.

http://www.sophos.com/virusinfo/analyses/w32dasherc.html

- Collapse -
W32/Titog-C
by Marianna Schmudlach Dec 17, 2005 10:01AM PST
- Collapse -
Troj/Winser-C
by Marianna Schmudlach Dec 17, 2005 10:01AM PST

Type Trojan

Troj/Winser-C is a Trojan for the Windows platform.
The Trojan can be used to exploit the Windows Internet Naming Service (WINS) buffer overflow vulnerability (MS04-045) to gain remote shell access on Microsoft Windows servers running the WINS service.

http://www.sophos.com/virusinfo/analyses/trojwinserc.html

- Collapse -
Troj/SqlHello-A
by Marianna Schmudlach Dec 17, 2005 10:02AM PST

Type Trojan

Troj/SqlHello-A is a Trojan for the Windows platform.
The Trojan can be used to exploit the SQL buffer overflow vulnerability (MS02-056) to gain remote shell access on Microsoft Windows servers running SQL Server or MSDE (Microsoft Desktop Engine).

http://www.sophos.com/virusinfo/analyses/trojsqlhelloa.html

- Collapse -
W32/Tilebot-CM
by Marianna Schmudlach Dec 17, 2005 10:03AM PST

Type Worm

Aliases Backdoor.Win32.SdBot.aad

W32/Tilebot-CM is a worm and IRC backdoor Trojan for the Windows platform.
W32/Tilebot-CM spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), MSSQL (MS02-039) (CAN-2002-0649), PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares protected by weak passwords.
W32/Tilebot-CM runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
W32/Tilebot-CM includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/w32tilebotcm.html

- Collapse -
W32/Combra-L
by Marianna Schmudlach Dec 17, 2005 10:04AM PST

Type Spyware Worm

Aliases Email-Worm.Win32.Combra.c
W32.Comdor.K@mm
WORM_COMBRA.E

W32/Combra-L is a worm for the Windows platform.
W32/Combra-L includes functionality to:
- access the internet and communicate with a remote server via HTTP
- send notification messages to remote locations

http://www.sophos.com/virusinfo/analyses/w32combral.html

- Collapse -
W32/Combra-K
by Marianna Schmudlach Dec 17, 2005 10:05AM PST

Type Worm

Aliases Email-Worm.Win32.Combra.c

W32/Combra-K is a worm for the Windows platform.
W32/Combra-K includes functionality to:
- access the internet and communicate with a remote server via HTTP
- send notification messages to remote locations

http://www.sophos.com/virusinfo/analyses/w32combrak.html

- Collapse -
W32/Agent-FS
by Marianna Schmudlach Dec 17, 2005 10:06AM PST

Type Worm

Aliases Backdoor.Win32.Agent.rd

W32/Agent-FS is a worm and backdoor Trojan for the Windows platform.
W32/Agent-FS spreads to other network computers by exploiting common buffer overflow vulnerabilities, including ASN.1 (MS04-007).

http://www.sophos.com/virusinfo/analyses/w32agentfs.html

- Collapse -
W32/Rbot-BBE
by Marianna Schmudlach Dec 17, 2005 10:07AM PST

Type Worm

Aliases Backdoor.Win32.Pakes
W32/Sdbot.MFK

W32/Rbot-BBE is a worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-BBE spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04-007).
W32/Rbot-BBE runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbbe.html

- Collapse -
W32/Sdbot-AGK
by Marianna Schmudlach Dec 17, 2005 10:08AM PST

Type Worm

Aliases Backdoor.Win32.Rbot.gen
W32/Spybot.NEP

W32/Sdbot-AGK is a worm and IRC backdoor Trojan for the Windows platform.
W32/Sdbot-AGK spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares protected by weak passwords.
W32/Sdbot-AGK runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32sdbotagk.html

- Collapse -
Virdem-526
by Marianna Schmudlach Dec 17, 2005 10:08AM PST
- Collapse -
Troj/Dloadr-ACM
by Marianna Schmudlach Dec 17, 2005 10:12AM PST
- Collapse -
Troj/StartPa-IW
by Marianna Schmudlach Dec 17, 2005 10:13AM PST

Type Trojan

Aliases Trojan.Win32.StartPage.aw

Troj/StartPa-IW is a Trojan for the Windows platform.
Troj/StartPa-IW includes functionality to access the internet and communicate with a remote server via HTTP.
The Trojan downloads additional files which may define further behavior.

http://www.sophos.com/virusinfo/analyses/trojstartpaiw.html

- Collapse -
Troj/Drsmartl-C
by Marianna Schmudlach Dec 17, 2005 10:14AM PST
- Collapse -
Dial/Stardial-D
by Marianna Schmudlach Dec 17, 2005 10:15AM PST
- Collapse -
Troj/BluEye-D
by Marianna Schmudlach Dec 17, 2005 10:16AM PST

Type Spyware Trojan

Aliases Trojan-Spy.Win32.Agent.t
W32/PWStealer.Z
W32/Agent.AY
PWS-IT
PWS-IT.kit trojan

Troj/BluEye-D is a Backdoor generator toolkit. It is capable of recording keystrokes and opening a backdoor to allow access to the command shell on victim's computer. The keystrokes will be saved in a log file which an intruder can access via the backdoor.

http://www.sophos.com/virusinfo/analyses/trojblueyed.html

Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info