Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - February 28, 2007

by Marianna Schmudlach / February 27, 2007 2:16 PM PST

W32/Fujacks-AC

Type Virus

Aliases Worm.Win32.Fujack.l
W32/Fujack.J
W32/Fujacks.q

W32/Fujacks-AC is a virus for the Windows platform.

W32/Fujacks-AC spreads to other network computers using Windows file sharing.

W32/Fujacks-AC spreads to removable devices attached to the computer.

W32/Fujacks-AC infects HTML files with a malicious download link.

W32/Fujacks-AC includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/security/analyses/w32fujacksac.html

Discussion is locked
You are posting a reply to: VIRUS ALERTS - February 28, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - February 28, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/Kit-DO
by Marianna Schmudlach / February 27, 2007 2:17 PM PST

Type Trojan

Troj/Kit-DO is a tool for creating backdoor server Trojans.

When executed Trojans created by Troj/Kit-DO notify the attacker of their activity through email.

When executed Trojans created by Troj/Kit-DO open a remote administration port through which the attacker can control the computer by means of a web interface.

The Trojans created by Troj/Kit-DO can contain functionality to disable the Windows firewall.

http://www.sophos.com/security/analyses/trojkitdo.html

Collapse -
W32/Delbot-K
by Marianna Schmudlach / February 27, 2007 2:19 PM PST

Type Spyware Worm

Aliases Backdoor.Win32.VanBot.bd
W32/Sdbot.worm.gen.h

W32/Delbot-K is a worm with IRC backdoor functionality for the Windows platform.

W32/Delbot-K spreads
- to computers vulnerable to common exploits, including: SRVSVC (MS06-040), RPC-DCOM (MS04-012), Symantec (SYM06-010)
- to MSSQL servers protected by weak passwords

W32/Delbot-K runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/security/analyses/w32delbotk.html

Collapse -
Troj/WQDel-Gen
by Marianna Schmudlach / February 27, 2007 2:21 PM PST
Collapse -
W32/Sdbot-CZX
by Marianna Schmudlach / February 27, 2007 2:22 PM PST
Collapse -
VBS.Solow.C
by Marianna Schmudlach / February 27, 2007 2:24 PM PST
Collapse -
Mal/Cimuz-A
by Marianna Schmudlach / February 27, 2007 2:26 PM PST

Mal/Cimuz-A is a family of Trojans for the Windows platform. Mal/Cimuz-A Trojans typically install a dll to the <System> folder, and register this dll as a COM object and Browser Helper Object (BHO) for Microsoft Internet Explorer.

http://vil.nai.com/vil/content/v_141590.htm

Collapse -
Troj/Agent-ECW
by Marianna Schmudlach / February 27, 2007 11:21 PM PST
Collapse -
Troj/Agent-ECY
by Marianna Schmudlach / February 27, 2007 11:22 PM PST
Collapse -
W32/Fujacks-AD
by Marianna Schmudlach / February 27, 2007 11:24 PM PST
Collapse -
Mal/EncPk-D
by Marianna Schmudlach / February 27, 2007 11:25 PM PST
Collapse -
Spam-Mespam
by Marianna Schmudlach / February 27, 2007 11:51 PM PST
Collapse -
W32.Takeobel
by Marianna Schmudlach / February 27, 2007 11:53 PM PST
Collapse -
W32/Sdbot.worm!33800
by Marianna Schmudlach / February 27, 2007 11:55 PM PST

Description:
W32/Sdbot.worm!33800 is an internet relay chat controlled backdoor, which provides an attacker with unauthorized remote access to the compromised computer. An attacker can gain control over the compromised computer and use it to send spam, install ad...

http://vil.nai.com/vil/content/v_141591.htm

Collapse -
JohnTheRipperPasswordCracker
by Marianna Schmudlach / February 27, 2007 11:57 PM PST
Collapse -
SurfAccuracy
by Marianna Schmudlach / February 27, 2007 11:59 PM PST
Collapse -
Adpower
by Marianna Schmudlach / February 28, 2007 12:00 AM PST

Alert ID : FrSIRT/ALRT-2007-01423
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2007-02-28


Description

Adpower is a dialer application with advertising functionality. Adpower may dial-up a premium rate service after prompting the user.

References

http://www.sophos.com/virusinfo/analyses/adpower.html

Credits

Reported by Sophos

Collapse -
W32.Rinbot.L
by Marianna Schmudlach / February 28, 2007 3:46 AM PST
Collapse -
Solaris.Wanukdoor
by Marianna Schmudlach / February 28, 2007 3:48 AM PST
Collapse -
VBS.Solow.D
by Marianna Schmudlach / February 28, 2007 3:50 AM PST
Collapse -
W32/Reyds-A
by Marianna Schmudlach / February 28, 2007 7:48 AM PST

Type Virus

Aliases W32.Reyds.A
PE_REYDS.A

W32/Reyds-A is a prepending virus for the Windows platform.

W32/Reyds-A infects files in the Windows system folder with the SCR or EXE extension.

W32/Reyds-A drops and executes a file detected as Troj/Delf-DZX.

http://www.sophos.com/security/analyses/w32reydsa.html

Collapse -
Troj/StartP-BEF
by Marianna Schmudlach / February 28, 2007 7:49 AM PST

Type Trojan

Aliases Trojan.Win32.StartPage.ee
StartPage-AF
Win32/StartPage.AAD
Trojan.StartPage
TROJ_STRTPAGE.AF

Troj/StartP-BEF is a Trojan for the Windows platform that changes the Internet Explorer home page and search settings.

http://www.sophos.com/security/analyses/trojstartpbef.html

Collapse -
W32/Rbot-GHE
by Marianna Schmudlach / February 28, 2007 7:51 AM PST
Collapse -
Troj/Cimga-H
by Marianna Schmudlach / February 28, 2007 7:52 AM PST
Collapse -
Troj/CimgaKit-H
by Marianna Schmudlach / February 28, 2007 7:54 AM PST
Collapse -
Troj/Banker-FAT
by Marianna Schmudlach / February 28, 2007 7:55 AM PST
Collapse -
W32/Delbot-L
by Marianna Schmudlach / February 28, 2007 7:56 AM PST

Type Worm

Aliases Backdoor.Win32.VanBot.be
W32.Rinbot.H

W32/Delbot-L is an IRC worm with backdoor functionality which allows a remote intruder to gain access and control over the computer.

W32/Delbot-L spreads:

- to computers vulnerable to common exploits, including Symantec (SYM06-010)
- to MSSQL servers protected by weak passwords

http://www.sophos.com/security/analyses/w32delbotl.html

Collapse -
Troj/Delf-EPG
by Marianna Schmudlach / February 28, 2007 7:58 AM PST
Collapse -
SunOS/Wanukdoor
by Marianna Schmudlach / February 28, 2007 8:02 AM PST

Description:
This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspe...

http://vil.nai.com/vil/content/v_141604.htm

Collapse -
W32/Tilebot-IZ
by Marianna Schmudlach / February 28, 2007 8:43 AM PST

Type Worm

Aliases W32/IRCbot.gen
Win32/IRCBot.WC
W32/Ircbot.XR

W32/Tilebot-IZ is a worm with backdoor functionality for the Windows platform.

W32/Tilebot-IZ includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/security/analyses/w32tilebotiz.html

Collapse -
Troj/KillAV-DM
by Marianna Schmudlach / February 28, 2007 8:45 AM PST
Popular Forums
icon
Computer Help 51,912 discussions
icon
Computer Newbies 10,498 discussions
icon
Laptops 20,411 discussions
icon
Security 30,882 discussions
icon
TVs & Home Theaters 21,253 discussions
icon
Windows 10 1,672 discussions
icon
Phones 16,494 discussions
icon
Windows 7 7,855 discussions
icon
Networking & Wireless 15,504 discussions

REVIEW

Meet the drop-resistant Moto Z2 Force

The Moto Z2 Force is really thin, with a fast processor and great battery life. It can survive drops without shattering.