Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

VIRUS \ Spyware ALERTS - October 28, 2008

by Marianna Schmudlach Oct 27, 2008 3:28PM PDT

Troj/Renos-BH


Aliases Trojan-Downloader.Win32.CodecPack.ge

Category Viruses and Spyware

Type Trojan


Troj/Renos-BH is a Trojan for the Windows platform.

Troj/Renos-BH includes functionality to access the internet and communicate with a remote server via HTTP.

Troj/Renos-BH downloads files with .gif extensions from multiple websites.
These files are actually executable files and are run once downloaded.

The following registry entry is created to run Troj/Renos-BH on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MSFox
<pathname of Troj/Renos-BH>

Registry entries are created under:

HKLM\SOFTWARE\Mozilla\MSFox


http://www.sophos.com/security/analyses/viruses-and-spyware/trojrenosbh.html?_log_from=rss

Discussion is locked

31 - 60 of 53 Posts
- Collapse + Expand Details
- Collapse -
DNSChanger.gen!CA9E0322
by Marianna Schmudlach Oct 28, 2008 6:47AM PDT

Alert ID : FrSIRT/ALRT-2008-06472
Aliases : N/A
Size : N/A
Rated as : Low Risk
Release Date : 2008-10-28


Description

This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted.

References

http://vil.nai.com/vil/content/v_152977.htm

Credits

Reported by McAfee

- Collapse -
Troj/Dloadr-BWU
by Marianna Schmudlach Oct 28, 2008 6:49AM PDT

Aliases Trojan-Downloader.Win32.Agent.ajwx

Category Viruses and Spyware

Type Trojan

Troj/Dloadr-BWU is downloader Trojan for the Windows platform.

Troj/Dloadr-BWU installs itself in the <System> folder as a filename in the format of Lka999_999.dll where both instances of "999" could be any 3 digit number.

A INI format file "Download1" is also created in the Windows folder. This is harmless.


http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadrbwu.html?_log_from=rss

- Collapse -
Troj/DelSpy-Gen
by Marianna Schmudlach Oct 28, 2008 6:50AM PDT
- Collapse -
Troj/Cinmus-Gen
by Marianna Schmudlach Oct 28, 2008 6:51AM PDT
- Collapse -
Troj/Bnkmr-Fam
by Marianna Schmudlach Oct 28, 2008 6:52AM PDT
- Collapse -
Troj/Bckdr-QQC
by Marianna Schmudlach Oct 28, 2008 6:53AM PDT
- Collapse -
Troj/Agent-IBS
by Marianna Schmudlach Oct 28, 2008 6:54AM PDT
- Collapse -
Troj/Agent-IBR
by Marianna Schmudlach Oct 28, 2008 6:55AM PDT
- Collapse -
Troj/Agent-HZZ
by Marianna Schmudlach Oct 28, 2008 6:56AM PDT
- Collapse -
Mal/Behav-301
by Marianna Schmudlach Oct 28, 2008 6:57AM PDT
- Collapse -
Mal/Bancos-B
by Marianna Schmudlach Oct 28, 2008 6:58AM PDT
- Collapse -
Sus/Veneb-B
by Marianna Schmudlach Oct 28, 2008 6:59AM PDT
- Collapse -
Sus/Flake-A
by Marianna Schmudlach Oct 28, 2008 7:00AM PDT
- Collapse -
Troj/Rootkit-DZ
by Marianna Schmudlach Oct 28, 2008 7:02AM PDT
- Collapse -
Troj/WSHack-A
by Marianna Schmudlach Oct 28, 2008 11:06AM PDT
- Collapse -
Troj/FakeVir-GT
by Marianna Schmudlach Oct 28, 2008 11:07AM PDT
- Collapse -
Troj/FakeAV-FO
by Marianna Schmudlach Oct 28, 2008 11:09AM PDT
- Collapse -
Troj/FakeAle-JB
by Marianna Schmudlach Oct 28, 2008 11:10AM PDT
- Collapse -
Troj/Dloadr-BXE
by Marianna Schmudlach Oct 28, 2008 11:11AM PDT
- Collapse -
Troj/Dloadr-BXD
by Marianna Schmudlach Oct 28, 2008 11:12AM PDT
- Collapse -
Troj/Agent-IBV
by Marianna Schmudlach Oct 28, 2008 11:13AM PDT
- Collapse -
Troj/Agent-IBU
by Marianna Schmudlach Oct 28, 2008 11:15AM PDT
- Collapse -
Mal/EncPk-FQ
by Marianna Schmudlach Oct 28, 2008 11:16AM PDT
Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info