Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - December 21, 2005

Dec 20, 2005 9:47PM PST

Discussion is locked

- Collapse -
Troj/Banload-CO
Dec 20, 2005 9:48PM PST

Type
Trojan

Aliases
Trojan-Downloader.Win32.Delf.acx

Troj/Banload-CO is a Trojan downloader for the Windows platform.

Troj/Banload-CO includes functionality to access the internet and communicate
with a remote server via HTTP.

The downloaded file is detected as Troj/Bancban-MO.

http://www.sophos.com/virusinfo/analyses/trojbanloadco.html

- Collapse -
Troj/Bancban-MO
Dec 20, 2005 9:50PM PST
- Collapse -
Troj/Bancos-GV
Dec 20, 2005 9:52PM PST
- Collapse -
Troj/Banload-CM
Dec 20, 2005 9:54PM PST
- Collapse -
Troj/Delf-MC
Dec 20, 2005 9:55PM PST
- Collapse -
Troj/Bancos-GR
Dec 20, 2005 9:57PM PST
- Collapse -
Troj/Bancban-MN
Dec 20, 2005 9:59PM PST
- Collapse -
Troj/Bancban-MH
Dec 20, 2005 10:00PM PST
- Collapse -
Troj/Bancban-MM
Dec 20, 2005 10:02PM PST
- Collapse -
Troj/Lineage-KX
Dec 20, 2005 10:04PM PST
- Collapse -
Troj/DownLdr-FM
Dec 20, 2005 10:08PM PST
- Collapse -
Troj/Bancos-GF
Dec 20, 2005 10:09PM PST
- Collapse -
W32/Feebs-A
Dec 20, 2005 10:48PM PST

Type
Spyware Worm

W32/Feebs-A is a worm for the Windows platform.

The worm may arrive as an attachment to an email claiming to be sent via "Protected E-Mail service" with bogus credentials. The message may lure the recipient into entering the supplied credentials into an attached HTML document.

W32/Feebs-A also creates several copies of itself in ZIP format in paths containing "share".

W32/Feebs-A may also harvest information from the infected computer and send stolen data to a remote user via FTP.

http://www.sophos.com/virusinfo/analyses/w32feebsa.html

- Collapse -
Troj/Bifrose-R
Dec 20, 2005 10:49PM PST
- Collapse -
Troj/Dloadr-ACP
Dec 20, 2005 10:51PM PST
- Collapse -
Troj/Bizves-C
Dec 20, 2005 10:54PM PST

Type
Trojan

Aliases
Exploit-ByteVerify

Troj/Bizves-C is a Trojan for the Windows platform.

Troj/Bizves-C creates a file named loadclean.exe in the Windows folder.
Loadclean.exe is detected by Sophos's anti-virus products as Troj/Bizves-Gen.

http://www.sophos.com/virusinfo/analyses/trojbizvesc.html

- Collapse -
Troj/Dloadr-ACQ
Dec 20, 2005 10:58PM PST

Type
Trojan

Aliases
Trojan-Downloader.Win32.Adload.

Troj/Dloadr-ACQ is a downloader Trojan for the Windows platform.
The Trojan downloads a file to C:\drsmartload.exe and runs the downloaded file.

At the time of writing drsmartload.exe is detected by Sophos's anti-virus products as Troj/Drsmartl-C.

http://www.sophos.com/virusinfo/analyses/trojdloadracq.html

- Collapse -
Troj/Banload-CA
Dec 20, 2005 11:00PM PST
- Collapse -
Troj/Banload-CC
Dec 20, 2005 11:02PM PST
- Collapse -
Troj/VBanker-C
Dec 20, 2005 11:04PM PST

Type
Spyware Trojan

Aliases
Trojan-Spy.Win32.Bancos.lo

Troj/VBanker-C is a Trojan for the Windows platform.

The Trojan monitors Internet Explorer windows for sessions with online banking web sites. The Trojan captures login credentials and sends stolen information to a remote attacker.

http://www.sophos.com/virusinfo/analyses/trojvbankerc.html

- Collapse -
Troj/Banload-CB
Dec 20, 2005 11:06PM PST
- Collapse -
Troj/VBanker-B
Dec 20, 2005 11:09PM PST

Type
Spyware Trojan

Aliases
Trojan-Spy.Win32.Bancos.jl

Troj/VBanker-B is a Trojan for the Windows platform.

The Trojan monitors Internet Explorer windows for sessions with online banking web sites. The Trojan captures login credentials and sends stolen information to a remote attacker.

http://www.sophos.com/virusinfo/analyses/trojvbankerb.html

- Collapse -
Troj/Smwg-A
Dec 21, 2005 12:04AM PST
- Collapse -
Troj/Lineage-CA
Dec 21, 2005 12:06AM PST
- Collapse -
Troj/LegMir-CG
Dec 21, 2005 12:08AM PST
- Collapse -
W32/Tibick-B
Dec 21, 2005 12:09AM PST

Type
Spyware Worm

Aliases
W32.Spybot.Worm

W32/Tibick-B is a P2P worm and IRC backdoor Trojan for the Windows platform.

W32/Tibick-B spreads via file sharing on P2P networks.

W32/Tibick-B has the functionalities to:

- allow a remote intruder to gain access and control over the infected computer via IRC
- steal information
- participate in DDos
- silently download, install and run new software

http://www.sophos.com/virusinfo/analyses/w32tibickb.html

- Collapse -
W32/Sdbot-AJA
Dec 21, 2005 12:14AM PST

Type
Worm

Aliases
WORM_SDBOT.CRG

W32/Sdbot-AJA is a worm and IRC backdoor Trojan for the Windows platform.

W32/Sdbot-AJA includes functionalities to:

- access the internet and communicate with a remote server via HTTP
- allow a remote intruder to gain access and control over the infected computer via IRC

http://www.sophos.com/virusinfo/analyses/w32sdbotaja.html

- Collapse -
Troj/Bancban-MP
Dec 21, 2005 12:16AM PST
- Collapse -
Troj/Jupdrop-A
Dec 21, 2005 12:19AM PST
- Collapse -
Troj/Jupdow-A
Dec 21, 2005 12:21AM PST

Type
Trojan

Aliases
Trojan-Proxy.Win32.Delf.al

Troj/Jupdow-A is a Trojan for the Windows platform.

Troj/Jupdow-A attempts to download configuration files from a remote website to the Windows temp folder, and may then attempt to download files from further websites.

http://www.sophos.com/virusinfo/analyses/trojjupdowa.html