Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS \ Spyware ALERTS - November 6, 2008

by Marianna Schmudlach Nov 5, 2008 2:12PM PST

Discussion is locked

31 - 60 of 53 Posts
- Collapse + Expand Details
- Collapse -
Troj/Bdoor-APP
by Marianna Schmudlach Nov 6, 2008 5:12AM PST
- Collapse -
Troj/Clicker-FC
by Marianna Schmudlach Nov 6, 2008 5:13AM PST
- Collapse -
Troj/Dloadr-BYR
by Marianna Schmudlach Nov 6, 2008 5:14AM PST
- Collapse -
Troj/PWS-AVV
by Marianna Schmudlach Nov 6, 2008 5:15AM PST
- Collapse -
Troj/Zlob-AQO
by Marianna Schmudlach Nov 6, 2008 5:16AM PST

Alert ID : FrSIRT/ALRT-2008-06807
Aliases : Win32/TrojanDownloader.Zlob.CTM
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-06


Description

Troj/Zlob-AQO is a Trojan for the Windows platform. Troj/Zlob-AQO includes functionality to access the internet and communicate with a remote server via HTTP.

References

http://www.sophos.com/security/analyses/viruses-and-spyware/trojzlobaqo.html

Credits

Reported by Sophos

- Collapse -
Troj/Dloadr-BYP
by Marianna Schmudlach Nov 6, 2008 5:17AM PST
- Collapse -
Troj/Dloadr-BYQ
by Marianna Schmudlach Nov 6, 2008 5:17AM PST
- Collapse -
Troj/Dloadr-BYO
by Marianna Schmudlach Nov 6, 2008 5:18AM PST
- Collapse -
Mal/ObfJS-BL
by Marianna Schmudlach Nov 6, 2008 5:20AM PST

Alert ID : FrSIRT/ALRT-2008-06816
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-06


Description

Mal/ObfJS-BL is an obfuscated JavaScript within a web page that is likely to exploit vulnerabilities in the browser in order to infect the victim with malware.

References

http://www.sophos.com/security/analyses/viruses-and-spyware/malobfjsbl.html

Credits

Reported by Sophos

- Collapse -
Troj/Agent-IDQ
by Marianna Schmudlach Nov 6, 2008 5:22AM PST
- Collapse -
TROJ_DLOADER.ISZ
by Marianna Schmudlach Nov 6, 2008 5:23AM PST

Alert ID : FrSIRT/ALRT-2008-06834
Aliases : N/A
Size : 3261 bytes
Rated as : Low Risk
Release Date : 2008-11-06


Description

This Trojan may be downloaded unknowingly by a user when visiting malicious Web sites. A link to the said Web site from which it is downloaded from is given in a spam email. A screenshot of a sample spam email is given below:.

References

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_DLOADER.ISZ

Credits

Reported by Trend Micro

- Collapse -
Troj/Zlob-AQM
by Marianna Schmudlach Nov 6, 2008 5:25AM PST
- Collapse -
Troj/Zlob-AQL
by Marianna Schmudlach Nov 6, 2008 5:26AM PST

Alert ID : FrSIRT/ALRT-2008-06832
Aliases : Win32/TrojanDownloader.Zlob.CUH - Pupertrojan
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-06


Description

Troj/Zlob-AQL is a Trojan for the Windows platform. Troj/Zlob-AQL includes functionality to access the internet and communicate with a remote server via HTTP.

References

http://www.sophos.com/security/analyses/viruses-and-spyware/trojzlobaql.html

Credits

Reported by Sophos

- Collapse -
Troj/PWS-AVU
by Marianna Schmudlach Nov 6, 2008 5:27AM PST
- Collapse -
Troj/Kango-F
by Marianna Schmudlach Nov 6, 2008 5:28AM PST

Alert ID : FrSIRT/ALRT-2008-06830
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-11-06


Description

Troj/Kango-F is a Trojan for the Windows platform. When first run Troj/Kango-F copies itself to <System>\Setupw.exe and creates the file <System>\494596162.dat.

References

http://www.sophos.com/security/analyses/viruses-and-spyware/trojkangof.html

Credits

Reported by Sophos

- Collapse -
Troj/Zlob-AQQ
by Marianna Schmudlach Nov 6, 2008 7:42AM PST
- Collapse -
Troj/Zlob-AQP
by Marianna Schmudlach Nov 6, 2008 7:43AM PST
- Collapse -
Troj/VBDown-H
by Marianna Schmudlach Nov 6, 2008 7:44AM PST

Aliases Trojan.Win32.VB.gmp
Generic.dx

Category Viruses and Spyware

Type Trojan

Troj/VBDown-H is a Trojan for the Windows platform.

Troj/VBDown-H includes functionality to access the internet and communicate with a remote server via HTTP.

When first run Troj/VBDown-H copies itself to the Windows system folder

The following registry entries are created to run Troj/VBDown-H on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
prunnet
<System&gtMischief<original Trojan filename>

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
prunnet
<System&gtMischief<original Trojan filename>

Registry entries are created under:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet

Troj/VBDown-H provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "Advertisement Service".

http://www.sophos.com/security/analyses/viruses-and-spyware/trojvbdownh.html?_log_from=rss

- Collapse -
Troj/OnlinG-Fam
by Marianna Schmudlach Nov 6, 2008 7:45AM PST
- Collapse -
Troj/Invo-Zip
by Marianna Schmudlach Nov 6, 2008 7:46AM PST
- Collapse -
Troj/FakeVir-HB
by Marianna Schmudlach Nov 6, 2008 7:47AM PST
- Collapse -
Troj/FakeVir-HA
by Marianna Schmudlach Nov 6, 2008 7:48AM PST
- Collapse -
Troj/Dloadr-BYS
by Marianna Schmudlach Nov 6, 2008 7:49AM PST
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info