
VIRUS ALERTS - December 25, 2005

Dec 25, 2005 2:01PM PST

Troj/Kango-B
Dec 25, 2005 2:02PM PST
W32/Rbot-BFP
Dec 25, 2005 2:02PM PST

Type Worm

W32/Rbot-BFP is a worm with backdoor functionality for the Windows platform.
W32/Rbot-BFP spreads:
- to other network computers infected with: Troj/Kuang, Troj/Sub7, W32/Sasser, Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix
- to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812), WebDav (MS03-007), UPNP (MS01-059) and Dameware (CAN-2003-1030)
- by copying itself to network shares and MSSQL servers protected by weak passwords
W32/Rbot-BFP can be controlled by a remote attacker over IRC channels. The backdoor component of W32/Rbot-BFP can be instructed by a remote user to perform the following functions:
- start an FTP server
- start a Proxy server
- start a web server
- take part in distributed denial of service (DDoS) attacks
- packet sniffing
- port scanning
- download/execute arbitrary files
- start a remote shell (RLOGIN)

http://www.sophos.com/virusinfo/analyses/w32rbotbfp.html

W32/Rbot-BFQ
Dec 25, 2005 2:03PM PST

Type Spyware Worm

Aliases WORM_SDBOT.CSB

W32/Rbot-BFQ is a worm for the Windows platform.
W32/Rbot-BFQ spreads to other network computers by exploiting common buffer overflow vulnerabilities, including LSASS (MS04-011) and RPC-DCOM (MS04-012), and by network shares protected by weak passwords.
W32/Rbot-BFQ can be controlled by a remote attacker over IRC channels. The backdoor component of W32/Rbot-BFQ can be instructed by a remote user to perform the following functions:
- start an FTP server
- start a Proxy server
- start a web server
- take part in distributed denial of service (DDoS) attacks
- log keypresses
- capture screen/webcam images
- packet sniffing
- port scanning
- download/execute arbitrary files
- start a remote shell (RLOGIN)
- steal product registration information from certain software

http://www.sophos.com/virusinfo/analyses/w32rbotbfq.html

Troj/Small-FR
Dec 25, 2005 2:04PM PST
Troj/Dloadr-AHL
Dec 25, 2005 2:05PM PST

Type Trojan

Aliases TROJ_DLOADER.AHL

Troj/Dloadr-AHL is a Trojan for the Windows platform.
Troj/Dloadr-AHL includes functionality to download, install and run new software.
When Troj/Dloadr-AHL is installed it creates the file <Windows>\Tasks\Kuho_Install_Program.job in order to be run by the Windows task scheduler.

http://www.sophos.com/virusinfo/analyses/trojdloadrahl.html

Troj/Bdoor-CSN
Dec 25, 2005 2:06PM PST
Troj/Flood-ET
Dec 25, 2005 2:07PM PST

Type Trojan

Troj/Flood-ET is a Trojan for the Windows platform.
Troj/Flood-ET runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/trojfloodet.html

Troj/ServU-BQ
Dec 25, 2005 2:08PM PST

Type Trojan

Aliases Backdoor.Win32.ServU-based.u

Troj/ServU-BQ is a modified version of a commercial FTP application, which can act as a backdoor Trojan.
Troj/ServU-BQ runs continuously in the background, providing an FTP server on a TCP port specified in its configuration file (the default is port 43958).

http://www.sophos.com/virusinfo/analyses/trojservubq.html

W32/Sdbot-AIM
Dec 25, 2005 2:09PM PST

Type Worm

Aliases Backdoor.Win32.SdBot.aix
W32/Sdbot.worm.gen.bp

W32/Sdbot-AIM is a worm and IRC backdoor Trojan for the Windows platform.
W32/Sdbot-AIM runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32sdbotaim.html

W32/Rbot-BDT
Dec 25, 2005 2:10PM PST
W32/Spybot-EP
Dec 25, 2005 2:11PM PST