Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - December 21, 2005

by roddy32 Dec 20, 2005 9:47PM PST

Discussion is locked

31 - 60 of 62 Posts
- Collapse + Expand Details
- Collapse -
Troj/Jupdow-B
by roddy32 Dec 21, 2005 12:22AM PST

Type
Trojan

Troj/Jupdow-B is a Trojan for the Windows platform.

Troj/Jupdow-B attempts to download configuration files from a remote website to the Windows temp folder, and may then attempt to download files from further websites.

http://www.sophos.com/virusinfo/analyses/trojjupdowb.html

- Collapse -
Troj/GrayBrd-AL
by roddy32 Dec 21, 2005 12:24AM PST
- Collapse -
Troj/Bancban-IR
by roddy32 Dec 21, 2005 12:28AM PST
- Collapse -
W32/Rbot-AYC
by roddy32 Dec 21, 2005 12:30AM PST

Type
Worm

Aliases
W32/Spybot.NLU
W32/Sdbot.worm.gen.bh

W32/Rbot-AYC is a worm with IRC backdoor functionality for the Windows platform.

W32/Rbot-AYC can spread via network shares or MSSQL when it finds weak passwords. It may also spread to systems compromised by other malware, or by exploiting common vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812), WebDav (MS03-007), IIS5SSL (MS04-011) (CAN-2003-0719), UPNP (MS01-059), Veritas (CAN-2004-1172), Dameware (CAN-2003-1030), PNP (MS05-039), and ASN.1 (MS04-007).

W32/Rbot-AYC runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotayc.html

- Collapse -
Troj/Dumaru-BR
by roddy32 Dec 21, 2005 12:32AM PST

Type
Trojan

Aliases
Backdoor.Win32.Dumador.ez

Troj/Dumaru-BR is a password-stealing backdoor Trojan which allows a remote intruder to gain access and control over the computer.

Troj/Dumaru-BR includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojdumarubr.html

- Collapse -
Troj/Agent-KM
by roddy32 Dec 21, 2005 12:33AM PST

Type
Trojan

Aliases
Backdoor.Win32.Agent.km BackDoor-CPX

Troj/Agent-KM is a backdoor Trojan for the Windows platform.

Troj/Agent-KM allows a remote user to use a gain access and control over the computer using a command prompt.

Troj/Agent-KM includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojagentkm.html

- Collapse -
Troj/Gatto-A
by roddy32 Dec 21, 2005 12:35AM PST
- Collapse -
Troj/Hazif-B
by roddy32 Dec 21, 2005 12:36AM PST
- Collapse -
Troj/Bancban-MQ
by roddy32 Dec 21, 2005 12:40AM PST

Type
Spyware Trojan

Troj/Bancban-MQ is a password stealing Trojan for the Windows platform.

Troj/Bancban-MQ targets the customers of certain Brazilian online banking websites by displaying fake interfaces and recording any details entered.

Troj/Bancban-MQ includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojbancbanmq.html

- Collapse -
W32/Kelvir-BJ
by roddy32 Dec 21, 2005 12:41AM PST
- Collapse -
Troj/Bancban-MR
by roddy32 Dec 21, 2005 12:43AM PST
- Collapse -
Troj/Haxdoor-AP
by roddy32 Dec 21, 2005 12:45AM PST

Type
Trojan

Aliases
BackDoor-BAC.gen.c
Backdoor.Haxdoor

Troj/Haxdoor-AP is a Trojan for the Windows platform.

Sophos's anti-virus products include Genotype? detection technology, which can proactively protect against new threats without requiring an update. Sophos customers have been protected against Troj/Haxdoor-AP (detected as Troj/Haxdor-Fam) since version 4.00.

http://www.sophos.com/virusinfo/analyses/trojhaxdoorap.html

- Collapse -
Troj/GrayBir-AJ
by roddy32 Dec 21, 2005 12:47AM PST
- Collapse -
Troj/DownLdr-HZ
by roddy32 Dec 21, 2005 12:48AM PST
- Collapse -
W32/Sunk-A
by Marianna Schmudlach Dec 21, 2005 8:21AM PST

Type Worm

Aliases Virus.Win32.VB.aa

W32/Sunk-A is a worm for the Windows platform.
The worm will display the following fake error message:
"An unexpected error has occurred on the execution of this file"
W32/Sunk-A will attempt to replace every file on the infected computer that has the extension EXE with a copy of itself. The worm will also copy itself to folders known to be used by popular Peer-To-Peer programs using various names.
W32/Sunk-A will send messages to AIM users with one of the following messages and a link to a url that contains an executable:
Aim Hacker 1.3 FREE!
Best Aim Password Cracker written by ZeX.
Better then limewire and kazaa put together!
Check my Pics Out!
Check out my music!
Check out my webcam.
Click to join! Better then myspace and xanga!
Cool hacking programs!
Download Aim Optimized 4.9!
Download Dead Aim (5.9+)- NEW!
Download my mp3 i made.
Download My Profile.
Email Hacker Pro 1.5 This is awsome! Happy
Free Aim Password Cracker. Use it to hack your friends.
Funniest Clip Ever!
Game Hacker program download here.
Get X-im Chat! Better then AIM!
Hack Webcams and Aim accounts with O-Hax! This is the last day it will be out
for free!
Have you see this!
INFINITE FREE PICS OF ASIAN HOTTIES!
Join this free music site!
LMAO OMG THIS IS HILARIOUS!
LOL Check these Pics out.
Lol OMG! Someone posted your picture here!
LOL Watch this clip!
LOLOL *** IS THIS?!
Make your own Profile!
My Xanga!
OMG LOOK IT'S YOU!
Play the new Aim Online game!
See my Beach pictures!!
Take my Quiz!
THE KEY TO HAPPINESS IS LAUGHTER!
This game is badass! Play now!
View My BuddyProfile
Wanna See My Profile!

http://www.sophos.com/virusinfo/analyses/w32sunka.html

- Collapse -
Troj/BagleDl-AQ
by Marianna Schmudlach Dec 21, 2005 8:22AM PST
- Collapse -
Troj/Bancban-MS
by Marianna Schmudlach Dec 21, 2005 8:23AM PST

Type Spyware Trojan

Troj/Bancban-MS is a password stealing Trojan for the Windows platform.
Troj/Bancban-MS targets the customers of certain Brazilian online banking websites by displaying fake interfaces and recording any details entered.
Troj/Bancban-MS includes functionality to send notification messages to remote locations.

http://www.sophos.com/virusinfo/analyses/trojbancbanms.html

- Collapse -
Troj/Banito-I
by Marianna Schmudlach Dec 21, 2005 8:23AM PST
- Collapse -
Troj/BankDl-AC
by Marianna Schmudlach Dec 21, 2005 8:24AM PST
- Collapse -
Troj/DownLdr-IL
by Marianna Schmudlach Dec 21, 2005 8:25AM PST
- Collapse -
Troj/DownLdr-UP
by Marianna Schmudlach Dec 21, 2005 8:26AM PST
- Collapse -
Troj/Feutel-BD
by Marianna Schmudlach Dec 21, 2005 8:27AM PST
- Collapse -
Troj/Feutel-BE
by Marianna Schmudlach Dec 21, 2005 8:28AM PST
- Collapse -
Troj/Graybir-AE
by Marianna Schmudlach Dec 21, 2005 8:28AM PST

Type Trojan

Aliases BackDoor-AWQ.b

Troj/Graybir-AE is a backdoor Trojan which allows a remote intruder to gain access and control over the computer.
Troj/Graybir-AE includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojgraybirae.html

- Collapse -
Troj/Hackvan-C
by Marianna Schmudlach Dec 21, 2005 8:29AM PST
- Collapse -
Troj/Lewor-R
by Marianna Schmudlach Dec 21, 2005 8:30AM PST

Type Spyware Trojan

Aliases Trojan-Downloader.Win32.Delf.ack

Troj/Lewor-R is a Trojan for the Windows platform.
Troj/Lewor-R includes functionality to download, install and run new software, to log keypresses, and to email the information it steals to a remote user.
Troj/Lewor-R also attempts to terminate certain security related applications and prevent their automatic startup.

http://www.sophos.com/virusinfo/analyses/trojleworr.html

- Collapse -
Troj/VB-KR
by Marianna Schmudlach Dec 21, 2005 8:31AM PST
- Collapse -
Troj/VBClick-A
by Marianna Schmudlach Dec 21, 2005 8:32AM PST

Type Trojan

Aliases Trojan-Clicker.Win32.VB.ie

Troj/VBClick-A is a Trojan for the Windows platform.
Troj/VBClick-A includes functionality to access the internet and communicate with a remote server via HTTP.
Troj/VBClick-A may overwrite an important Windows system file.

http://www.sophos.com/virusinfo/analyses/trojvbclicka.html

- Collapse -
Troj/Warspy-S
by Marianna Schmudlach Dec 21, 2005 8:33AM PST

Type Spyware Trojan

Aliases TROJ_WARSPY.S
W32/Warspy.B
Trojan-Downloader.Win32.WarSpy.e

Troj/Warspy-S is a downloader Trojan that attempts to contact a number of websites and display a number of fake warning messages.
Troj/Warspy-S may attempt to create internet shortcuts on the Desktop pointing to scripts on remote sites.
Troj/Warspy-S may attempt to download and execute a file from a remote URL.
Troj/Warspy-S may arrive bundled with additional adware components.

http://www.sophos.com/virusinfo/analyses/trojwarspys.html

- Collapse -
W32/Rbot-BFX
by Marianna Schmudlach Dec 21, 2005 8:33AM PST

Type Worm

Aliases Backdoor.Win32.Rbot.alb

W32/Rbot-BFX is a worm and IRC backdoor for the Windows platform.
W32/Rbot-BFX runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
W32/Rbot-BFX includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/w32rbotbfx.html

Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info