Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - November 22,2004

by Marianna Schmudlach / November 22, 2004 2:13 AM PST


Aliases TrojanDownloader.Win32.Swizzor.bo

Type Trojan

Troj/Swizzor-BQ is a downloader Trojan.
Troj/Swizzor-BQ attempts to download and run executable files without the user's consent.
Troj/Swizzor-BQ installs itself as a Browser Help Object (BHO).


Discussion is locked
You are posting a reply to: VIRUS ALERTS - November 22,2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - November 22,2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
by Marianna Schmudlach / November 22, 2004 2:15 AM PST

Aliases W32/Bagle.dll.dr

Type Trojan

Troj/BagleDl-G is a downloader Trojan for the Windows platform.
Troj/BagleDl-G will attempt to download the file ZOO.JPG from a number of URLs. If successful, the Trojan will then run this file as an executable.
Troj/BagleDl-G will attempt to terminate a number of anti-virus and security related applications.


Collapse -
by Marianna Schmudlach / November 22, 2004 2:16 AM PST

Aliases TrojanSpy.Win32.Banbra.j

Type Trojan

Troj/Bancos-AL is a password stealing Trojan aimed at customers of Brazilian banks.
Troj/Bancos-AL will monitor a user's internet access. When certain internet banking sites are visited, the Trojan will display a fake login screen in order to trick the user into inputting their details.
Troj/Bancos-AL will then send the stolen details to a remote location.
When run, Troj/Bancos-AL will display the following fake error message:
"Este programa executou uma operacao invalida e sera finalizado agora."


Collapse -
by Marianna Schmudlach / November 22, 2004 2:18 AM PST
Collapse -
by Marianna Schmudlach / November 22, 2004 6:08 AM PST

Type Worm

W32/Favsin-A is a peer-to-peer and email worm for the Windows platform.
When first run W32/Favsin-A copies itself to the Windows system folder with the filenames NvCpl.exe and ****_Shi.exe.
W32/Favsin-A harvests email addresses from the Windows address book and from files on the hard disk.
W32/Favsin-A displays a popup window with the text "No Windows. Yes doors and holes."
The worm drops a file named YanZi.vbs into the current folder and runs it. Several JPG files are dropped into the current user's temp folder with filenames SuN<digit>.JPG and SuN<digit>.tmp. The VBS file creates and runs a file named SUN.EXE which displays one of the JPG images.


Collapse -
by Marianna Schmudlach / November 22, 2004 6:10 AM PST

Type Worm

W32/Rbot-QG is a network worm that spreads to vulnerable machines and by searching out network shares to infect.
The worm uses the WebDav (MS03-007), LSASS (MS04-011), and DCOM (MS04-012) vulnerabilities to spread to new machines.
The worm provides an IRC backdoor through which a third party can access to the infected machine.


Collapse -
by Marianna Schmudlach / November 22, 2004 6:12 AM PST

Type Worm

W32/Rbot-QH is a backdoor Trojan and network worm. W32/Rbot-QH spreads to remote network shares protected by weak passwords and computers vulnerable to common exploits. W32/Rbot-QH allows unauthorised remote access to infected computers via the IRC network.


Collapse -
by Marianna Schmudlach / November 22, 2004 6:13 AM PST

Aliases Backdoor.Win32.Rbot.gen

Type Worm

W32/Rbot-QI is a network worm with IRC backdoor functionality.
W32/Rbot-QI allows a remote attacker to control the infected computer through IRC channels.
W32/Rbot-QI exploits the RPC/DCOM (MS04-012), LSASS (MS04-011) and IIS5SSL (MS04-011) vulnerabilities.


Collapse -
by Marianna Schmudlach / November 22, 2004 6:17 AM PST
Collapse -
by Marianna Schmudlach / November 22, 2004 6:19 AM PST

Aliases Trojan-Spy.Win32.Getmail.e

Type Trojan

Troj/PWSMail-A is a password stealing Trojan for the Windows platform.
Troj/PWSMail-A will search an infected computer for passwords relating to email applications and webmail.
Troj/PWSMail-A may then attempt to send the stolen details to a remote website.


Collapse -
by Marianna Schmudlach / November 22, 2004 6:21 AM PST

Aliases Downloader-SF

Type Trojan

Troj/Dloader-SF is a downloader Trojan for the Windows platform.
Troj/Dloader-SF will download a file from a remote website to WINAMP.EXE in the C:\ folder. The Trojan will then run this file.
At the time of writing, Troj/Dloader-SF will download and run Troj/Bdoor-AV.
In an attempt to delete itself, Troj/Dloader-SF will delete BLA.EXE in the C:\ folder.


Collapse -
by Marianna Schmudlach / November 22, 2004 6:25 AM PST

Aliases BackDoor-CLH

Type Trojan

Troj/Bdoor-AV is a backdoor Trojan for the Windows platform.
Troj/Bdoor-AV will listen on a random port for incoming connections. The Trojan will allow a remote attacker control over the infected computer.
Troj/Bdoor-AV is capable of downloading and running further files.
Troj/Bdoor-AV will attempt to terminate a number of anti-virus and security related applications.


Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?