Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS ALERTS - January 9, 2006

by roddy32 Jan 8, 2006 8:55PM PST

Discussion is locked

1 - 30 of 54 Posts
- Collapse + Expand Details
- Collapse -
Troj/QQRob-BA
by roddy32 Jan 8, 2006 8:57PM PST
- Collapse -
Troj/Bancos-IY
by roddy32 Jan 8, 2006 8:59PM PST
- Collapse -
W32/Bube-E
by roddy32 Jan 8, 2006 9:00PM PST

Type
Worm

Aliases
Virus.Win32.Bube.e

W32/Bube-E is a downloader worm for Windows operating systems.

Once fully installed, the worm contacts a pre-specified website to report its presence on the computer, and periodically tries to download a file that will specify further commands for the worm to execute. W32/Bube-E can be instructed to:

Install software to the registry
Set and delete registry entries
Open Internet Explorer to a specific web page
Run Explorer with specified parameters
Download and execute files

http://www.sophos.com/virusinfo/analyses/w32bubee.html

- Collapse -
Dial/Chivio-S
by roddy32 Jan 8, 2006 9:03PM PST
- Collapse -
Troj/Meteor-E
by roddy32 Jan 8, 2006 9:05PM PST
- Collapse -
W32/Rbot-BJA
by roddy32 Jan 8, 2006 9:07PM PST

Type
Worm

W32/Rbot-BJA is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BJA runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbja.html

- Collapse -
Troj/StartPa-KN
by roddy32 Jan 8, 2006 9:08PM PST
- Collapse -
Troj/Bandler-K
by roddy32 Jan 8, 2006 11:47PM PST

Type
Spyware Trojan

Aliases
Trojan-Spy.Win32.Banker.zp

Troj/Bandler-K is a password stealing Trojan for the Windows platform.

Troj/Bandler-K targets the customers of certain Brazilian online banking websites by displaying fake user interfaces and recording any entered details.

http://www.sophos.com/virusinfo/analyses/trojbandlerk.html

- Collapse -
Troj/GwGhost-W
by roddy32 Jan 8, 2006 11:48PM PST
- Collapse -
W32/Rbot-BJM
by roddy32 Jan 8, 2006 11:50PM PST

Type
Worm

Aliases
Backdoor.Win32.Rbot.adf

W32/Rbot-BJM is a worm and IRC backdoor Trojan for the Windows platform.

W32/Rbot-BJM spreads:

- to other network computers infected with: Troj/Kuang, Troj/Sub7, Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix
- to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812), WebDav (MS03-007), IIS5SSL (MS04-011) (CAN-2003-0719), UPNP (MS01-059), Veritas (CAN-2004-1172), Dameware (CAN-2003-1030) and ASN.1 (MS04-007)
- by copying itself to network shares protected by weak passwords

W32/Rbot-BJM runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbjm.html

- Collapse -
Troj/QQRob-BD
by roddy32 Jan 8, 2006 11:53PM PST
- Collapse -
W32/Rbot-BJN
by roddy32 Jan 9, 2006 12:00AM PST

Type
Worm

W32/Rbot-BJN is network worm and backdoor Trojan for the Windows platform.

W32/Rbot-BJN can spread via the RPC-DCOM (MS04-012) and LSASS (MS04-011) buffer overflow vulnerabilities.

W32/Rbot-BJN runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotbjn.html

- Collapse -
Troj/Flood-EV
by roddy32 Jan 9, 2006 12:02AM PST
- Collapse -
Troj/Clicker-BL
by roddy32 Jan 9, 2006 12:04AM PST
- Collapse -
Troj/AlesSpy-O
by roddy32 Jan 9, 2006 12:07AM PST
- Collapse -
Dial/Dialer-X
by roddy32 Jan 9, 2006 12:09AM PST
- Collapse -
Dial/Dialer-N
by roddy32 Jan 9, 2006 12:11AM PST
- Collapse -
Troj/Jupdrop-A
by roddy32 Jan 9, 2006 1:58AM PST
- Collapse -
Troj/Jupdow-A
by roddy32 Jan 9, 2006 1:59AM PST

Type
Trojan

Aliases
Trojan-Proxy.Win32.Delf.al

Troj/Jupdow-A is a Trojan for the Windows platform.

Troj/Jupdow-A attempts to download configuration files from a remote website to the Windows temp folder, and may then attempt to download files from further websites.

http://www.sophos.com/virusinfo/analyses/trojjupdowa.html

- Collapse -
Troj/Jupdow-B
by roddy32 Jan 9, 2006 2:04AM PST

Type
Trojan

Troj/Jupdow-B is a Trojan for the Windows platform.

Troj/Jupdow-B attempts to download configuration files from a remote website to the Windows temp folder, and may then attempt to download files from further websites.

http://www.sophos.com/virusinfo/analyses/trojjupdowb.html

- Collapse -
Troj/GrayBrd-AL
by roddy32 Jan 9, 2006 2:06AM PST
- Collapse -
Troj/Bancban-IR
by roddy32 Jan 9, 2006 2:08AM PST
- Collapse -
W32/Rbot-AYC
by roddy32 Jan 9, 2006 2:47AM PST

Type
Worm

Aliases
W32/Spybot.NLU
W32/Sdbot.worm.gen.bh

W32/Rbot-AYC is a worm with IRC backdoor functionality for the Windows platform.

W32/Rbot-AYC can spread via network shares or MSSQL when it finds weak passwords. It may also spread to systems compromised by other malware, or by exploiting common vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812), WebDav (MS03-007), IIS5SSL (MS04-011) (CAN-2003-0719), UPNP (MS01-059), Veritas (CAN-2004-1172), Dameware (CAN-2003-1030), PNP (MS05-039), and ASN.1 (MS04-007).

W32/Rbot-AYC runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

http://www.sophos.com/virusinfo/analyses/w32rbotayc.html

- Collapse -
Troj/Dumaru-BR
by roddy32 Jan 9, 2006 2:50AM PST

Type
Trojan

Aliases
Backdoor.Win32.Dumador.ez

Troj/Dumaru-BR is a password-stealing backdoor Trojan which allows a remote intruder to gain access and control over the computer.

Troj/Dumaru-BR includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojdumarubr.html

- Collapse -
Troj/Agent-KM
by roddy32 Jan 9, 2006 2:52AM PST

Type
Trojan

Aliases
Backdoor.Win32.Agent.km BackDoor-CPX

Troj/Agent-KM is a backdoor Trojan for the Windows platform.

Troj/Agent-KM allows a remote user to use a gain access and control over the computer using a command prompt.

Troj/Agent-KM includes functionality to access the internet and communicate with a remote server via HTTP.

http://www.sophos.com/virusinfo/analyses/trojagentkm.html

- Collapse -
Troj/Gatto-A
by roddy32 Jan 9, 2006 2:54AM PST
- Collapse -
Troj/Hazif-B
by roddy32 Jan 9, 2006 2:56AM PST
- Collapse -
W32/PPDoor-R
by Marianna Schmudlach Jan 9, 2006 7:14AM PST
- Collapse -
Troj/WinShel-A
by Marianna Schmudlach Jan 9, 2006 7:15AM PST
- Collapse -
Troj/DownLdr-SL
by Marianna Schmudlach Jan 9, 2006 7:16AM PST
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info