Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - December 29, 2005

Dec 28, 2005 10:47PM PST

Discussion is locked

- Collapse -
Troj/Small-GN
Dec 28, 2005 10:50PM PST
- Collapse -
Troj/Bancban-NA
Dec 28, 2005 10:52PM PST
- Collapse -
Troj/Bancban-NB
Dec 28, 2005 10:54PM PST
- Collapse -
Troj/Banker-PN
Dec 28, 2005 10:56PM PST
- Collapse -
Troj/Banker-PM
Dec 28, 2005 10:57PM PST
- Collapse -
Troj/Puper-AC
Dec 28, 2005 10:59PM PST
- Collapse -
Troj/Dloadr-ACU
Dec 28, 2005 11:03PM PST

Type
Trojan

Aliases
Trojan-Downloader.Win32.Dadobra.a

Troj/Dloadr-ACU is a Trojan for the Windows platform.

Troj/Dloadr-ACU has the functionalities to:

- access the Internet and communciate with a remote server
- download, install and run new software

http://www.sophos.com/virusinfo/analyses/trojdloadracu.html

- Collapse -
Troj/Ranck-DL
Dec 28, 2005 11:05PM PST

Type
Trojan

Aliases
BKDR_SMALL.AVD

Troj/Ranck-DL is a proxy Trojan for the windows platform.

Troj/Ranck-DL has the functionalities to:

- allow remote intruder to route Internet traffic through the infected computer
- communicate information to a remote server

http://www.sophos.com/virusinfo/analyses/trojranckdl.html

- Collapse -
W32/Sdbot-AKG
Dec 28, 2005 11:06PM PST

Type
Worm

W32/Sdbot-AKG is a worm and IRC backdoor Trojan for the Windows platform.

W32/Sdbot-AKG spreads to other network computers infected with: Troj/Kuang, Troj/Sub7, Troj/NetDevil and W32/MyDoom.

W32/Sdbot-AKG runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32sdbotakg.html

- Collapse -
Troj/Sdbot-AKF
Dec 28, 2005 11:08PM PST

Type
Trojan

Troj/Sdbot-AKF is a backdoor Trojan for the Windows platform.

Troj/Sdbot-AKF has the functionalities to:

- communicate with a remote server
- allow remote intruderto gain access and control over the infected computer via IRC

http://www.sophos.com/virusinfo/analyses/trojsdbotakf.html

- Collapse -
W32/Loosky-M
Dec 28, 2005 11:41PM PST
- Collapse -
Troj/Zlob-AL
Dec 28, 2005 11:42PM PST
- Collapse -
Troj/Puper-AD
Dec 28, 2005 11:44PM PST
- Collapse -
W32/Brontok-K
Dec 28, 2005 11:47PM PST
- Collapse -
W32/Sdranck-W
Dec 28, 2005 11:48PM PST
- Collapse -
Exp/WMF-A
Dec 28, 2005 11:50PM PST
- Collapse -
Troj/RKNu-A
Dec 29, 2005 7:51AM PST

Type Trojan

Aliases Backdoor.Win32.Nucleroot.a

Troj/RKNu-A is a rootkit for the Windows platform.
The rootkit can be used to hide files, processes, registry entries, network connections and to prevent applications from running.

http://www.sophos.com/virusinfo/analyses/trojrknua.html

- Collapse -
Troj/StartP-ADY
Dec 29, 2005 7:52AM PST
- Collapse -
Troj/Dropper-CM
Dec 29, 2005 7:53AM PST
- Collapse -
Troj/Sharp-N
Dec 29, 2005 7:54AM PST
- Collapse -
Troj/Hupigon-U
Dec 29, 2005 7:55AM PST
- Collapse -
Troj/Zlob-DM
Dec 29, 2005 7:56AM PST
- Collapse -
Troj/Mipbot-D
Dec 29, 2005 7:57AM PST
- Collapse -
W32/Sdbot-AKH
Dec 29, 2005 7:58AM PST

Type Worm

W32/Sdbot-AKH is a worm and IRC backdoor Trojan for the Windows platform.
W32/Sdbot-AKH runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32sdbotakh.html

- Collapse -
Troj/StartPa-IQ
Dec 29, 2005 7:59AM PST
- Collapse -
Troj/DownLdr-IK
Dec 29, 2005 7:59AM PST
- Collapse -
Troj/DownLdr-NS
Dec 29, 2005 8:00AM PST

Type Trojan

Aliases Downloader-***
Trojan-Downloader.Win32.Agent.ach

Troj/DownLdr-NS is a downloader Trojan for the Windows platform.
Troj/DownLdr-NS will download and execute files from a remote URL to the Windows temp folder with random names of the form dmx<number>.tmp.

http://www.sophos.com/virusinfo/analyses/trojdownldrns.html

- Collapse -
Troj/Feutel-B
Dec 29, 2005 8:10AM PST

Type Spyware Trojan

Aliases Backdoor.Win32.Hupigon.j

Troj/Feutel-B is a backdoor Trojan for the Windows platform.
Troj/Feutel-B connects to the internet and attempts to download configuration files from preconfigured sites. The Trojan installs a keylogging component and opens up a backdoor allowing unauthorized remote access to the infected computer.

http://www.sophos.com/virusinfo/analyses/trojfeutelb.html

- Collapse -
Troj/Small-DQ
Dec 29, 2005 8:11AM PST
- Collapse -
W32/Rbot-YU
Dec 29, 2005 8:11AM PST

Type Spyware Worm

W32/Rbot-YU is an IRC backdoor and network worm.
W32/Rbot-YU may spread to remote network shares protected by weak passwords and computers vulnerable to common exploits. The worm also opens up a backdoor, allowing unauthorised remote access to infected computers via the IRC network, while running in the background as a service process. The worm exploits the following vulnerabilities: RPC-DCOM (MS04-12), LSASS (MS04-11), NTPass, WKS (MS03-049), and NetBios. Patches for these vulnerabilities are available from Microsoft at:
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx
http://www.microsoft.com/technet/security/bulletin/MS03-049.mspx

http://www.sophos.com/virusinfo/analyses/w32rbotyu.html