Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - November 22,2004

Troj/Swizzor-BQ

Aliases TrojanDownloader.Win32.Swizzor.bo


Type Trojan

Troj/Swizzor-BQ is a downloader Trojan.
Troj/Swizzor-BQ attempts to download and run executable files without the user's consent.
Troj/Swizzor-BQ installs itself as a Browser Help Object (BHO).

http://www.sophos.com/virusinfo/analyses/trojswizzorbq.html

Discussion is locked
You are posting a reply to: VIRUS ALERTS - November 22,2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - November 22,2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/BagleDl-G

In reply to: VIRUS ALERTS - November 22,2004

Aliases W32/Bagle.dll.dr
W32/Bagle.dll.gen
Trojan-Dropper.Win32.Small.ms
TrojanDownloader.Win32.Small.zm

Type Trojan

Troj/BagleDl-G is a downloader Trojan for the Windows platform.
Troj/BagleDl-G will attempt to download the file ZOO.JPG from a number of URLs. If successful, the Trojan will then run this file as an executable.
Troj/BagleDl-G will attempt to terminate a number of anti-virus and security related applications.

http://www.sophos.com/virusinfo/analyses/trojbagledlg.html

Collapse -
Troj/Bancos-AL

In reply to: VIRUS ALERTS - November 22,2004

Aliases TrojanSpy.Win32.Banbra.j
PWS-Bancos.gen

Type Trojan

Troj/Bancos-AL is a password stealing Trojan aimed at customers of Brazilian banks.
Troj/Bancos-AL will monitor a user's internet access. When certain internet banking sites are visited, the Trojan will display a fake login screen in order to trick the user into inputting their details.
Troj/Bancos-AL will then send the stolen details to a remote location.
When run, Troj/Bancos-AL will display the following fake error message:
"Este programa executou uma operacao invalida e sera finalizado agora."

http://www.sophos.com/virusinfo/analyses/trojbancosal.html

Collapse -
Troj/Netcyber-A

In reply to: VIRUS ALERTS - November 22,2004

Collapse -
W32/Favsin-A

In reply to: VIRUS ALERTS - November 22,2004

Type Worm

W32/Favsin-A is a peer-to-peer and email worm for the Windows platform.
When first run W32/Favsin-A copies itself to the Windows system folder with the filenames NvCpl.exe and ****_Shi.exe.
W32/Favsin-A harvests email addresses from the Windows address book and from files on the hard disk.
W32/Favsin-A displays a popup window with the text "No Windows. Yes doors and holes."
The worm drops a file named YanZi.vbs into the current folder and runs it. Several JPG files are dropped into the current user's temp folder with filenames SuN<digit>.JPG and SuN<digit>.tmp. The VBS file creates and runs a file named SUN.EXE which displays one of the JPG images.

http://www.sophos.com/virusinfo/analyses/w32favsina.html

Collapse -
W32/Rbot-QG

In reply to: VIRUS ALERTS - November 22,2004

Type Worm

W32/Rbot-QG is a network worm that spreads to vulnerable machines and by searching out network shares to infect.
The worm uses the WebDav (MS03-007), LSASS (MS04-011), and DCOM (MS04-012) vulnerabilities to spread to new machines.
The worm provides an IRC backdoor through which a third party can access to the infected machine.

http://www.sophos.com/virusinfo/analyses/w32rbotqg.html

Collapse -
W32/Rbot-QH

In reply to: VIRUS ALERTS - November 22,2004

Type Worm

W32/Rbot-QH is a backdoor Trojan and network worm. W32/Rbot-QH spreads to remote network shares protected by weak passwords and computers vulnerable to common exploits. W32/Rbot-QH allows unauthorised remote access to infected computers via the IRC network.

http://www.sophos.com/virusinfo/analyses/w32rbotqh.html

Collapse -
W32/Rbot-QI

In reply to: VIRUS ALERTS - November 22,2004

Aliases Backdoor.Win32.Rbot.gen
W32/Sdbot.worm.gen.g
W32/Sdbot.worm.gen.t

Type Worm

W32/Rbot-QI is a network worm with IRC backdoor functionality.
W32/Rbot-QI allows a remote attacker to control the infected computer through IRC channels.
W32/Rbot-QI exploits the RPC/DCOM (MS04-012), LSASS (MS04-011) and IIS5SSL (MS04-011) vulnerabilities.

http://www.sophos.com/virusinfo/analyses/w32rbotqi.html

Collapse -
W32/Francette-O

In reply to: VIRUS ALERTS - November 22,2004

Collapse -
Troj/PWSMail-A

In reply to: VIRUS ALERTS - November 22,2004

Aliases Trojan-Spy.Win32.Getmail.e

Type Trojan

Troj/PWSMail-A is a password stealing Trojan for the Windows platform.
Troj/PWSMail-A will search an infected computer for passwords relating to email applications and webmail.
Troj/PWSMail-A may then attempt to send the stolen details to a remote website.

http://www.sophos.com/virusinfo/analyses/trojpwsmaila.html

Collapse -
Troj/Dloader-SF

In reply to: VIRUS ALERTS - November 22,2004

Aliases Downloader-SF
Trojan-Downloader.Win32.Small.aaq

Type Trojan

Troj/Dloader-SF is a downloader Trojan for the Windows platform.
Troj/Dloader-SF will download a file from a remote website to WINAMP.EXE in the C:\ folder. The Trojan will then run this file.
At the time of writing, Troj/Dloader-SF will download and run Troj/Bdoor-AV.
In an attempt to delete itself, Troj/Dloader-SF will delete BLA.EXE in the C:\ folder.

http://www.sophos.com/virusinfo/analyses/trojdloadersf.html

Collapse -
Troj/Bdoor-AV

In reply to: VIRUS ALERTS - November 22,2004

Aliases BackDoor-CLH
Backdoor.Win32.Agent.ec

Type Trojan

Troj/Bdoor-AV is a backdoor Trojan for the Windows platform.
Troj/Bdoor-AV will listen on a random port for incoming connections. The Trojan will allow a remote attacker control over the infected computer.
Troj/Bdoor-AV is capable of downloading and running further files.
Troj/Bdoor-AV will attempt to terminate a number of anti-virus and security related applications.

http://www.sophos.com/virusinfo/analyses/trojbdoorav.html

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

REVIEW

Sublime suburban chariot

High on style and technology, the 2019 Volvo XC90 is an incredibly satisfying everyday crossover.