Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - February 28, 2007

by Marianna Schmudlach / February 27, 2007 2:16 PM PST

W32/Fujacks-AC

Type Virus

Aliases Worm.Win32.Fujack.l
W32/Fujack.J
W32/Fujacks.q

W32/Fujacks-AC is a virus for the Windows platform.

W32/Fujacks-AC spreads to other network computers using Windows file sharing.

W32/Fujacks-AC spreads to removable devices attached to the computer.

W32/Fujacks-AC infects HTML files with a malicious download link.

W32/Fujacks-AC includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/security/analyses/w32fujacksac.html

Discussion is locked
You are posting a reply to: VIRUS ALERTS - February 28, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - February 28, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/Kit-DO
by Marianna Schmudlach / February 27, 2007 2:17 PM PST

Type Trojan

Troj/Kit-DO is a tool for creating backdoor server Trojans.

When executed Trojans created by Troj/Kit-DO notify the attacker of their activity through email.

When executed Trojans created by Troj/Kit-DO open a remote administration port through which the attacker can control the computer by means of a web interface.

The Trojans created by Troj/Kit-DO can contain functionality to disable the Windows firewall.

http://www.sophos.com/security/analyses/trojkitdo.html

Collapse -
W32/Delbot-K
by Marianna Schmudlach / February 27, 2007 2:19 PM PST

Type Spyware Worm

Aliases Backdoor.Win32.VanBot.bd
W32/Sdbot.worm.gen.h

W32/Delbot-K is a worm with IRC backdoor functionality for the Windows platform.

W32/Delbot-K spreads
- to computers vulnerable to common exploits, including: SRVSVC (MS06-040), RPC-DCOM (MS04-012), Symantec (SYM06-010)
- to MSSQL servers protected by weak passwords

W32/Delbot-K runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/security/analyses/w32delbotk.html

Collapse -
Troj/WQDel-Gen
by Marianna Schmudlach / February 27, 2007 2:21 PM PST
Collapse -
W32/Sdbot-CZX
by Marianna Schmudlach / February 27, 2007 2:22 PM PST
Collapse -
VBS.Solow.C
by Marianna Schmudlach / February 27, 2007 2:24 PM PST
Collapse -
Mal/Cimuz-A
by Marianna Schmudlach / February 27, 2007 2:26 PM PST

Mal/Cimuz-A is a family of Trojans for the Windows platform. Mal/Cimuz-A Trojans typically install a dll to the <System> folder, and register this dll as a COM object and Browser Helper Object (BHO) for Microsoft Internet Explorer.

http://vil.nai.com/vil/content/v_141590.htm

Collapse -
Troj/Agent-ECW
by Marianna Schmudlach / February 27, 2007 11:21 PM PST
Collapse -
Troj/Agent-ECY
by Marianna Schmudlach / February 27, 2007 11:22 PM PST
Collapse -
W32/Fujacks-AD
by Marianna Schmudlach / February 27, 2007 11:24 PM PST
Collapse -
Mal/EncPk-D
by Marianna Schmudlach / February 27, 2007 11:25 PM PST
Collapse -
Spam-Mespam
by Marianna Schmudlach / February 27, 2007 11:51 PM PST
Collapse -
W32.Takeobel
by Marianna Schmudlach / February 27, 2007 11:53 PM PST
Collapse -
W32/Sdbot.worm!33800
by Marianna Schmudlach / February 27, 2007 11:55 PM PST

Description:
W32/Sdbot.worm!33800 is an internet relay chat controlled backdoor, which provides an attacker with unauthorized remote access to the compromised computer. An attacker can gain control over the compromised computer and use it to send spam, install ad...

http://vil.nai.com/vil/content/v_141591.htm

Collapse -
JohnTheRipperPasswordCracker
by Marianna Schmudlach / February 27, 2007 11:57 PM PST
Collapse -
SurfAccuracy
by Marianna Schmudlach / February 27, 2007 11:59 PM PST
Collapse -
Adpower
by Marianna Schmudlach / February 28, 2007 12:00 AM PST

Alert ID : FrSIRT/ALRT-2007-01423
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2007-02-28


Description

Adpower is a dialer application with advertising functionality. Adpower may dial-up a premium rate service after prompting the user.

References

http://www.sophos.com/virusinfo/analyses/adpower.html

Credits

Reported by Sophos

Collapse -
W32.Rinbot.L
by Marianna Schmudlach / February 28, 2007 3:46 AM PST
Collapse -
Solaris.Wanukdoor
by Marianna Schmudlach / February 28, 2007 3:48 AM PST
Collapse -
VBS.Solow.D
by Marianna Schmudlach / February 28, 2007 3:50 AM PST
Collapse -
W32/Reyds-A
by Marianna Schmudlach / February 28, 2007 7:48 AM PST

Type Virus

Aliases W32.Reyds.A
PE_REYDS.A

W32/Reyds-A is a prepending virus for the Windows platform.

W32/Reyds-A infects files in the Windows system folder with the SCR or EXE extension.

W32/Reyds-A drops and executes a file detected as Troj/Delf-DZX.

http://www.sophos.com/security/analyses/w32reydsa.html

Collapse -
Troj/StartP-BEF
by Marianna Schmudlach / February 28, 2007 7:49 AM PST

Type Trojan

Aliases Trojan.Win32.StartPage.ee
StartPage-AF
Win32/StartPage.AAD
Trojan.StartPage
TROJ_STRTPAGE.AF

Troj/StartP-BEF is a Trojan for the Windows platform that changes the Internet Explorer home page and search settings.

http://www.sophos.com/security/analyses/trojstartpbef.html

Collapse -
W32/Rbot-GHE
by Marianna Schmudlach / February 28, 2007 7:51 AM PST
Collapse -
Troj/Cimga-H
by Marianna Schmudlach / February 28, 2007 7:52 AM PST
Collapse -
Troj/CimgaKit-H
by Marianna Schmudlach / February 28, 2007 7:54 AM PST
Collapse -
Troj/Banker-FAT
by Marianna Schmudlach / February 28, 2007 7:55 AM PST
Collapse -
W32/Delbot-L
by Marianna Schmudlach / February 28, 2007 7:56 AM PST

Type Worm

Aliases Backdoor.Win32.VanBot.be
W32.Rinbot.H

W32/Delbot-L is an IRC worm with backdoor functionality which allows a remote intruder to gain access and control over the computer.

W32/Delbot-L spreads:

- to computers vulnerable to common exploits, including Symantec (SYM06-010)
- to MSSQL servers protected by weak passwords

http://www.sophos.com/security/analyses/w32delbotl.html

Collapse -
Troj/Delf-EPG
by Marianna Schmudlach / February 28, 2007 7:58 AM PST
Collapse -
SunOS/Wanukdoor
by Marianna Schmudlach / February 28, 2007 8:02 AM PST

Description:
This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspe...

http://vil.nai.com/vil/content/v_141604.htm

Collapse -
W32/Tilebot-IZ
by Marianna Schmudlach / February 28, 2007 8:43 AM PST

Type Worm

Aliases W32/IRCbot.gen
Win32/IRCBot.WC
W32/Ircbot.XR

W32/Tilebot-IZ is a worm with backdoor functionality for the Windows platform.

W32/Tilebot-IZ includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/security/analyses/w32tilebotiz.html

Collapse -
Troj/KillAV-DM
by Marianna Schmudlach / February 28, 2007 8:45 AM PST
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.