General discussion

VIRUS ALERTS - January 10, 2007

Discussion is locked

Follow
Reply to: VIRUS ALERTS - January 10, 2007
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: VIRUS ALERTS - January 10, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Troj/JustJok-D
- Collapse -
Troj/Stox-Gen
- Collapse -
Troj/Zlob-XW

Type Trojan

Aliases Trojan.Win32.DNSChanger.hn

Troj/Zlob-XW is a Trojan for the Windows platform.

Troj/Zlob-XW pretends to be an installer called "DirectVideo Setup".

Troj/Zlob-XW changes the infected computer's DNS settings.

http://www.sophos.com/virusinfo/analyses/trojzlobxw.html

- Collapse -
Troj/Small-DNX
- Collapse -
Troj/Proxy-FH
- Collapse -
Troj/BHO-F

Type Trojan

Aliases Win32/BHO.G

Troj/BHO-F is a Trojan for the Windows platform.

Troj/BHO-F may register itself as a BHO for Internet Explorer. When installed, it may steal user browsing habits and redirect searches.

http://www.sophos.com/virusinfo/analyses/trojbhof.html

- Collapse -
W32/Rbot-GAI

Type Worm

Aliases Backdoor.Win32.Rbot.gen

W32/Rbot-GAI is a worm with IRC backdoor functionality for the Windows platform.

W32/Rbot-GAI spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), SRVSVC (MS06-040), RPC-DCOM (MS04-012), ASN.1 (MS04-007) and RealVNC (CVE-2006-2369).

W32/Rbot-GAI runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotgai.html

- Collapse -
Troj/Dropper-MX
- Collapse -
Troj/Pardif-C

Type Trojan

Troj/Pardif-C is a downloading Trojan for the Windows platform.

Troj/Pardif-C is typically found in clean HTML files that have been modified by the virus W32/Pardona-G.

Troj/Pardif-C accesses certain URLs in an attempt to download and execute a file on the infected computer.

http://www.sophos.com/virusinfo/analyses/trojpardifc.html

- Collapse -
Troj/Dloadr-ASA

Type Trojan

Troj/Dloadr-ASA is a Trojan for the Windows platform.

Troj/Dloadr-ASA includes functionality to access the internet and communicate with a remote server via HTTP.

Troj/Dloadr-ASA includes functionality to download, install and run new software.

http://www.sophos.com/virusinfo/analyses/trojdloadrasa.html

- Collapse -
Troj/Banloa-***
- Collapse -
Troj/Banloa-AST

Type Spyware Trojan

Aliases W32/Downloader.AXEQ

Troj/Banloa-AST is a Trojan for the Windows platform.

Troj/Banloa-AST includes functionality to access the internet and communicate with a remote server via HTTP.

Troj/Banloa-AST also includes functionality to download, install and run new software.

http://www.sophos.com/virusinfo/analyses/trojbanloaast.html

- Collapse -
W32/Kraze-B
- Collapse -
Troj/Delf-DYJ
- Collapse -
Troj/Bckd-PVJ
- Collapse -
Troj/LdPinch-PW
- Collapse -
Troj/SpyDldr-N

Type Trojan

Aliases Trojan.Win32.VB.atw

Troj/SpyDldr-N is a Trojan for the Windows platform.

Troj/SpyDldr-N includes functionality to access the internet and communicate with a remote server via HTTP.

Troj/SpyDldr-N may display the following fake error message:

System Security Center Alert

Warning! Possible spyware infection.
System Security Center has blocked the program.

http://www.sophos.com/virusinfo/analyses/trojspydldrn.html

- Collapse -
W32/Rbot-GAK
- Collapse -
Troj/Small-DNY
- Collapse -
W32/Rbot-GAJ

Type Worm

Aliases Backdoor.Win32.Rbot.btx

W32/Rbot-GAJ is a worm with IRC backdoor functionality for the Windows platform.

W32/Rbot-GAJ runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotgaj.html

- Collapse -
W32/IRCBot-TL

Type Spyware Worm

Aliases Backdoor.Win32.IRCBot.yc

W32/IRCBot-TL is a worm with backdoor functionality which allows a remote intruder to gain access and control over the computer.

W32/IRCBot-TL spreads to other network computers through poorly secured network shares. The worm runs continously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/security/analyses/w32ircbottl.html

- Collapse -
Troj/Dropper-MW
- Collapse -
Troj/Ace-A
- Collapse -
Troj/Ciadoor-DF
- Collapse -
Troj/Control-L
- Collapse -
Troj/Control-M
- Collapse -
Troj/Cyadoor-A
- Collapse -
Troj/CmjSpy-AH
- Collapse -
Troj/CmjSpy-AI
- Collapse -
Troj/Bdoor-ACE

CNET Forums

Forum Info