 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
Troj/DownLdr-QB
Type
Trojan
Aliases
Exploit.Win32.IMG-WMF.a
Troj/DownLdr-QB is a downloader Trojan which will download, install and run new
software without notification that it is doing so.
The file downloaded by Troj/DownLdr-QB is detected by Sophos as Troj/Bifrose-CS.
http://www.sophos.com/virusinfo/analyses/trojdownldrqb.html
Discussion is locked
Type
Trojan
Aliases
Backdoor.Win32.Bifrose.kt
Troj/Bifrose-CS is a Trojan for the Windows platform.
http://www.sophos.com/virusinfo/analyses/trojbifrosecs.html
Type
Worm
Aliases
Trojan-Dropper.Win32.Agent.afj
W32/Loosky-M is a worm for the Windows platform.
http://www.sophos.com/virusinfo/analyses/w32looskym.html
Type
Trojan
Aliases
Trojan-Downloader.Win32.Zlob.dl
Troj/Zlob-AL is a Trojan for the Windows platform.
http://www.sophos.com/virusinfo/analyses/trojzlobal.html
Type
Trojan
Aliases
Trojan.Zlob
Trojan-Downloader.Win32.Zlob.dl
Troj/Puper-AD is a Trojan for the Windows platform.
http://www.sophos.com/virusinfo/analyses/trojpuperad.html
Type
Worm
Aliases
Email-Worm.Win32.Brontok.c
W32.Rontokbro@mm
W32/Brontok-K is an email worm that sends itself to addresses gathered from the infected computer by searching files with the following extensions:
ASP, CFM, CSV, DOC, EML, HTML, PHP, TXT, WAB
http://www.sophos.com/virusinfo/analyses/w32brontokk.html
Type
Worm
W32/Sdranck-W is a multi-component network worm for the Windows platform.
http://www.sophos.com/virusinfo/analyses/w32sdranckw.html
Type
Trojan
Exp/WMF-A is a Windows Metafile (WMF) file which exploits a vulnerability associated with Windows Picture and Fax Viewer allowing arbitrary code execution.
For more information please see the following Microsoft advisory:
http://www.microsoft.com/technet/security/advisory/912840.mspx
http://www.sophos.com/virusinfo/analyses/expwmfa.html
Type Worm
Aliases Backdoor.Win32.Rbot.aie
W32/Sdbot.worm.gen.bi
W32/Rbot-BHQ is a worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-BHQ spreads:
- to other network computers infected with: Troj/Kuang, Troj/Sub7, Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix
- to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812), WebDav (MS03-007), IIS5SSL (MS04-011) (CAN-2003-0719), UPNP (MS01-059), Veritas (CAN-2004-1172), Dameware (CAN-2003-1030), PNP (MS05-039) and ASN.1 (MS04-007)
- by copying itself to network shares protected by weak passwords
W32/Rbot-BHQ runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
http://www.sophos.com/virusinfo/analyses/w32rbotbhq.html
Type Trojan
Aliases Trojan-Downloader.Win32.Tiny.am
Downloader-ASU
Troj/DownLdr-PZ is a Trojan for the Windows platform.
Troj/DownLdr-PZ includes functionality to download, install and run new software.
http://www.sophos.com/virusinfo/analyses/trojdownldrpz.html
Type Trojan
Aliases Trojan-Downloader.Win32.Small.cdo
Troj/DownLdr-QA is a Trojan for the Windows platform.
Troj/DownLdr-QA includes functionality to download, install and run new software.
http://www.sophos.com/virusinfo/analyses/trojdownldrqa.html
Type Spyware Trojan
Aliases Trojan-Proxy.Win32.Agent.iq
PWS-LDPinch
Troj/LdPinch-DH is a password-stealing Trojan with backdoor functionality.
Troj/LdPinch-DH attempts to steal confidential information and send it to a remote location via HTTP or email.
Troj/LdPinch-DH provides a backdoor server on a pre-configured port (the default is 175
. A remote intruder will be able to connect to this port and receive command shell access.
http://www.sophos.com/virusinfo/analyses/trojldpinchdh.html
Type Worm
Aliases Backdoor.Win32.SdBot.ajw
W32/Opanki.worm.gen
W32.Spybot.Worm
WORM_SDBOT.CVG
W32/Tilebot-CU is a worm for the Windows platform.
W32/Tilebot-CU runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
W32/Tilebot-CU includes functionality to:
- set up an FTP server
- spread via AOL Instant Messager by sending messages automatically
- change Internet Explorer start page
- set or remove network shares
- port scanning
- packet sniffing
- access the internet and communicate with a remote server via HTTP
- harvest information from clipboard
http://www.sophos.com/virusinfo/analyses/w32tilebotcu.html
Type Trojan
Aliases Trojan-Downloader.Win32.Small.byj
Downloader-ARR
Troj/DownLdr-HV is a Trojan for the Windows platform.
http://www.sophos.com/virusinfo/analyses/trojdownldrhv.html
Type Spyware Trojan
Aliases Trojan-PSW.Win32.Lmir.aqc
PWS-Lineage.dll
Troj/LegMir-DM is an information stealing Trojan for the Windows platform.
http://www.sophos.com/virusinfo/analyses/trojlegmirdm.html
Type Trojan
Aliases Trojan-Downloader.Win32.PassAlert.h
StartPage-IH
Troj/Dloadr-DN is a downloader Trojan for the Windows platform.
Troj/Dloadr-DN includes functionality to:
- access the internet and communicate with a remote server via HTTP
- disable Windows warning messages
http://www.sophos.com/virusinfo/analyses/trojdloadrdn.html
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic