Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - December 20, 2005

by roddy32 Dec 19, 2005 10:40PM PST

Troj/Banload-BS

Type
Trojan

Aliases
Trojan-Downloader.Win32.Banload.kh

Troj/Banload-BS is a Trojan downloader for the Windows platform.

Troj/Banload-BS includes functionality to access the internet and communicate
with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojbanloadbs.html

Discussion is locked

1 - 30 of 71 Posts
- Collapse + Expand Details
- Collapse -
Troj/Banload-AS
by roddy32 Dec 19, 2005 10:41PM PST

Type
Trojan

Aliases
Trojan-Downloader.Win32.Banload.nc

Troj/Banload-AS is a Trojan for the Windows platform.

Troj/Banload-AS includes functionality to access the internet and communicate
with a remote server via HTTP.

The downloaded file is detected as Troj/Bancban-MF

http://www.sophos.com/virusinfo/analyses/trojbanloadas.html

- Collapse -
W32/Rbot-BDE
by roddy32 Dec 19, 2005 10:43PM PST

Type
Worm

W32/Rbot-BDE is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BDE spreads to other network computers infected with Troj/Kuang and to other network computers by exploiting common buffer overflow vulnerabilities, including: WebDav (MS03-007) and IIS5SSL (MS04-011) (CAN-2003-0719).

W32/Rbot-BDE runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbde.html

- Collapse -
Troj/Bancban-MF
by roddy32 Dec 19, 2005 10:47PM PST
- Collapse -
Troj/Bancban-MI
by roddy32 Dec 19, 2005 10:49PM PST

Type
Spyware Trojan

Aliases
Trojan-Spy.Win32.Banker.ahy

Troj/Bancban-MI is an Internet banking Trojan for the Windows platform.

Troj/Bancban-MI includes functionalities to:

- send notification messages to remote locations via email
- steal confidential information

http://www.sophos.com/virusinfo/analyses/trojbancbanmi.html

- Collapse -
Troj/Bancban-MG
by roddy32 Dec 19, 2005 10:51PM PST
- Collapse -
Troj/Vixup-N
by roddy32 Dec 19, 2005 11:00PM PST
- Collapse -
Troj/Vixup-O
by roddy32 Dec 19, 2005 11:01PM PST
- Collapse -
Troj/Qdial-B
by roddy32 Dec 19, 2005 11:38PM PST
- Collapse -
Troj/Vixup-P
by roddy32 Dec 19, 2005 11:40PM PST
- Collapse -
Troj/Vixup-Q
by roddy32 Dec 19, 2005 11:41PM PST

Type
Trojan

Troj/Vixup-Q is a Trojan for the Windows platform.

Sophos's anti-virus products include Genotype? detection technology, which can proactively protect against new threats without requiring an update. Sophos customers have been protected against Troj/Vixup-Q (detected as Troj/Vixup-Gen) since version 3.98.

http://www.sophos.com/virusinfo/analyses/trojvixupq.html

- Collapse -
Troj/Bancban-ML
by roddy32 Dec 19, 2005 11:43PM PST
- Collapse -
Troj/IRCBot-BC
by roddy32 Dec 19, 2005 11:46PM PST

Type
Spyware Trojan

Troj/IRCBot-BC is a backdoor IRC Trojan for Windows platform.

Troj/IRCBot-BC has the functionalities to:

- allow a remote intruder to gain access and control over the infected computer via IRC
- steal information
- silently download, install and run new software

http://www.sophos.com/virusinfo/analyses/trojircbotbc.html

- Collapse -
Troj/QQRob-AI
by roddy32 Dec 19, 2005 11:48PM PST
- Collapse -
Troj/Harnig-B
by roddy32 Dec 19, 2005 11:49PM PST

Type
Trojan

Aliases
Downloader-PZ
TROJ_HARNIG.GEN

Troj/Harnig-B is a Trojan for the Windows platform.

Troj/Harnig-B includes the following functionalities to:

- access the Internet and communicate with a remote server via HTTP
- terminate processes
- silently download, install and run new software

http://www.sophos.com/virusinfo/analyses/trojharnigb.html

- Collapse -
W32/Tilebot-CN
by roddy32 Dec 19, 2005 11:51PM PST

Type
Worm

Aliases
Backdoor.Win32.SdBot.xd
W32/Sdbot.worm.gen.bz

W32/Tilebot-CN is a worm and IRC backdoor Trojan for the Windows platform.

W32/Tilebot-CN includes the functionalities to:

- access the internet and communicate with a remote server via HTTP
- provide a backdoor server to allow a remote intruder to gain access and control via IRC
- enumerate all drives and processes on the infected computer
- create new AOL Instant Messenger profiles
- perform port scanning

http://www.sophos.com/virusinfo/analyses/w32tilebotcn.html

- Collapse -
W32/Rbot-BCR
by roddy32 Dec 19, 2005 11:52PM PST
- Collapse -
W32/Traxg-G
by roddy32 Dec 20, 2005 12:21AM PST

Type
Worm

Aliases
WORM_XDDTRAY.A
W32.Xddtray@mm

W32/Traxg-G is a worm for the Windows platform.

W32/Traxg-G includes functionality to spread through emails, network shares or by coping itself to the drives A and D.

W32/Traxg-G may display the following fake warning message:

Warning
This Folder Has Been Damage!

http://www.sophos.com/virusinfo/analyses/w32traxgg.html

- Collapse -
W32/Rbot-BEC
by roddy32 Dec 20, 2005 12:23AM PST

Type
Worm

W32/Rbot-BEC is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BEC spreads:

- to computers infected with the W32/Sasser worm
- to other network computers by exploiting common buffer overflow
vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WebDav (MS03-007), and ASN.1 (MS04-007)
- by copying itself to network shares and Microsoft SQL servers protected by weak passwords

W32/Rbot-BEC runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbec.html

- Collapse -
Troj/Delf-AJW
by roddy32 Dec 20, 2005 12:25AM PST
- Collapse -
Troj/BagleDl-AP
by roddy32 Dec 20, 2005 12:27AM PST
- Collapse -
Troj/Feutel-BC
by roddy32 Dec 20, 2005 12:58AM PST
- Collapse -
Troj/AdClick-BO
by roddy32 Dec 20, 2005 1:00AM PST
- Collapse -
Troj/QHosts-K
by roddy32 Dec 20, 2005 1:01AM PST
- Collapse -
Troj/Feutel-BB
by roddy32 Dec 20, 2005 1:03AM PST

Type
Spyware Trojan

Aliases
Backdoor.Win32.Hupigon.pi
BackDoor-AWQ.b
Trojan.W32.Pigeon-5

Troj/Feutel-BB is a backdoor Trojan for the Windows platform.

Troj/Feutel-BB includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojfeutelbb.html

- Collapse -
Troj/GrayBrd-N
by roddy32 Dec 20, 2005 1:05AM PST
- Collapse -
Troj/Dloade-AAL
by roddy32 Dec 20, 2005 1:07AM PST
- Collapse -
Troj/Dloade-AAM
by roddy32 Dec 20, 2005 1:13AM PST
- Collapse -
W32/Tilebot-CO
by roddy32 Dec 20, 2005 1:15AM PST

Type
Worm

Aliases
WORM_SDBOT.CQK
W32.Spybot.Worm

W32/Tilebot-CO is a worm and IRC backdoor Trojan for the Windows platform.

W32/Tilebot-CO spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares protected by weak passwords.

W32/Tilebot-CO runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32tilebotco.html

- Collapse -
Troj/Banbra-BD
by roddy32 Dec 20, 2005 1:16AM PST
- Collapse -
Troj/Banload-CL
by Marianna Schmudlach Dec 20, 2005 8:44AM PST
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info