 |
W32/Sdbot.worm.gen.i |
W32-Wurm |
Alias: W32/Sdbot-HW, Win32/Optix.Pro.132 trojan, W32.Randex.gen, Backdoor.Sdbot.HW
W32/Sdbot.worm.gen.i ist ein W32-Wurm, der sich remote über IRC-Kanäle
verbreitet. |
|
|
Erweiterte
Informationen |
|
|
|
|
W32/Netsky.p@MM |
E-mail Worm |
| This is an email and network worm. |
|
|
Erweiterte
Informationen |
|
|
|
|
W32/Bagle.bb@MM |
E-mail Worm |
| This variant of W32/Bagle contains its own SMTP engine for constructing outgoing email messages.. |
|
|
Erweiterte
Informationen |
|
|
|
|
W32.Blaster.Worm |
Worm |
| W32.Blaster.Worm is a worm that exploits the DCOM RPC vulnerability (first described in Microsoft Security Bulletin MS03-026)(users are recommended to patch this vulnerability by applying Microsoft Security Bulletin MS03-039) using TCP port 135. The worm targets only Windows 2000 and Windows XP machines. While Windows NT and Windows 2003 Server machines are vulnerable to the aforementioned exploit (if not properly patched), the worm is not coded to replicate to those systems. This worm attempts to download the msblast.exe file to the %WinDir%\system32 directory and then execute it. W32.Blaster.Worm does not have a mass-mailing functionality. |
|
|
Erweiterte
Informationen |
|
|
|
|
W32.Korgo.V |
Worm |
| W32.Korgo.V is a variant of W32.Korgo.N. This worm attempts to propagate by exploiting the Microsoft Windows LSASS Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS04-011) on TCP port 445. It also listens on random TCP ports between 256 and 8191. |
|
|
Erweiterte
Informationen |
|
|
|
|
W32.Francette.Worm |
Worm |
| W32.Francette.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135, as well as the Microsoft IIS Web Server Folder Traversal vulnerability (described in Microsoft Security Bulletin MS00-078). The existence of the file syshost.exe is an indication of a possible infection.
This worm is written in Borland Delphi and is packed with ASPack. |
|
|
Erweiterte
Informationen |
|
|
|
|
W32.IRCBot |
Trojan |
| This Trojan contains backdoor capabilities that allows a hacker to control your computer remotely using Internet Relay Chat (IRC). This Trojan also has the ability to download and execute other files of the hacker's choice. |
|
|
Erweiterte
Informationen |
|
|
|
|
W32/Mytob.gen@MM |
Virus |
|
|
|
Erweiterte
Informationen |
|
|
|
|
W32/Mydoom.af@mm |
Virus |
|
|
|
Erweiterte
Informationen |
|
|
|
|
W32/Pate.b |
virus |
|
|
|
Erweiterte
Informationen |
|
|
|
|
BackDoor-BDD (Trojan) |
Trojan |
| There are several variants of this trojan. The trojan is written in MSVC, packed using UPX.
When run, the trojan downloads several files from a specific website. It creates files in Windows or Windows system directory using random file names. |
|
|
Erweiterte
Informationen |
|
|
|
|
TrojanProxy.Win32.gen.1 |
Trojan |
| rojanProxy.Win32 wurde konzipiert, um als Proxy zu agieren und die tats?chliche Adresse seines Erstellers zu verbergen.
|
|
|
Erweiterte
Informationen |
|
|
|
|
|
