Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - December 27, 2005

by roddy32 Dec 26, 2005 11:30PM PST

W32/Brontok-J

Type
Worm

Aliases
W32.Rontokbro@mm
Email-Worm.Win32.Brontok.c

W32/Brontok-J is an email worm for the Windows platform.

W32/Brontok-J attempts to send itself to email addresses harvested from the computer. It will also attempt to modify various Windows Explorer settings.

W32/Brontok-J will restart the computer if it finds a window title containing certain strings such as ".EXE".

http://www.sophos.com/virusinfo/analyses/w32brontokj.html

Discussion is locked

31 - 60 of 42 Posts
- Collapse + Expand Details
- Collapse -
W32/Mytob-GF
by Marianna Schmudlach Dec 27, 2005 2:01PM PST

Type Worm

W32/Mytob-GF is a mass-mailing worm and IRC backdoor Trojan for the Windows platform.
W32/Mytob-GF runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
Messages sent by the worm will have the following characteristics.
Subject title chosen from:
Notice: **Last Warning**
*IMPORTANT* Please Confirm Your Account
Account Alert
Notice of account limitation
Important Notification
*IMPORTANT* Please Validate Your Account
Security measures
<random characters>
Message text:
'Dear Valued Member,
According to our terms of services, you will have to confirm your e-mail by the following link or your account will be suspended within 24 hours for security reasons.
<link to worm>
Thank you for your attention to this request. We apologize for any inconvenience.
Sincerely <random name> Security Department'

http://www.sophos.com/virusinfo/analyses/w32mytobgf.html

- Collapse -
Troj/BagleDl-BE
by Marianna Schmudlach Dec 27, 2005 2:02PM PST

Type Trojan

Aliases Email-Worm.Win32.Bagle.ex
Trojan.Lodeight.A

Troj/BagleDl-BE is a downloader Trojan for the Windows platform.
Troj/BagleDl-BE includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojbagledlbe.html

- Collapse -
W32/Sdbot-AJR
by Marianna Schmudlach Dec 27, 2005 2:03PM PST

Type Worm

Aliases WORM_SDBOT.CUA

W32/Sdbot-AJR is a worm and IRC backdoor Trojan for the Windows platform.
W32/Sdbot-AJR runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
W32/Sdbot-AJR includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/w32sdbotajr.html

- Collapse -
Troj/Dadobra-M
by Marianna Schmudlach Dec 27, 2005 2:04PM PST

Type Trojan

Aliases Trojan-Downloader.Win32.Banload.ez
Downloader-ABU
TROJ_BANLOAD.AK

Troj/Dadobra-M is a Trojan for Windows platform.
Troj/Dadobra-M has the following functionalities:
- communicate with a remote server via HTTP
- download file from a remote server via HTTP and run the file
- send emails to the email addresses found on an infected computer


http://www.sophos.com/virusinfo/analyses/trojdadobram.html

- Collapse -
Troj/Akbot-A
by Marianna Schmudlach Dec 27, 2005 2:05PM PST

Type Trojan

Troj/Akbot-A is a Trojan for the Windows platform.
Troj/Akbot-A runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/trojakbota.html

- Collapse -
Troj/Dadobra-CU
by Marianna Schmudlach Dec 27, 2005 2:07PM PST
- Collapse -
W32/Rbot-BFW
by Marianna Schmudlach Dec 27, 2005 2:08PM PST

Type Trojan

Aliases WORM_RBOT.DAP

W32/Rbot-BFW is a worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-BFW spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812) and ASN.1 (MS04-007) and by copying itself to network shares protected by weak passwords.

http://www.sophos.com/virusinfo/analyses/w32rbotbfw.html

- Collapse -
Troj/Zlob-AK
by Marianna Schmudlach Dec 27, 2005 2:11PM PST
- Collapse -
W32/Rbot-BFY
by Marianna Schmudlach Dec 27, 2005 2:12PM PST

Type Worm

W32/Rbot-BFY is a worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-BFY spreads:
- to other network computers infected with: Troj/Kuang, Troj/Sub7, Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix
- to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), IIS5SSL (MS04-011) (CAN-2003-0719) and Dameware (CAN-2003-1030)
- by copying itself to network shares protected by weak passwords

http://www.sophos.com/virusinfo/analyses/w32rbotbfy.html

- Collapse -
Troj/Dadobra-AF
by Marianna Schmudlach Dec 27, 2005 2:13PM PST
- Collapse -
Troj/Banker-OF
by Marianna Schmudlach Dec 27, 2005 2:14PM PST
- Collapse -
Troj/ServU-BT
by Marianna Schmudlach Dec 27, 2005 2:15PM PST
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info