544 entries found.
Displaying page 12
of 28.
Backdoor:Win32/Rbot!8A89
Updated on Jun 18, 2007
Backdoor:Win32/Rbot!8A89 is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Backdoor:Win32/Rbot!8A89 may be detected as Backdoor:Win32/Rbot.AF.
Alert level:
severe
Backdoor:Win32/Rbot!2EAA
Updated on Jun 19, 2007
Backdoor:Win32/Rbot2EAA is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Backdoor:Win32/Rbot!2EAA may be detected as Backdoor:Win32/Rbot.AH.
Alert level:
high
Backdoor:Win32/Rbot!2FA0
Updated on Jun 25, 2007
Backdoor:Win32/Rbot!2FA0 is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Backdoor:Win32/Rbot!2FA0 may be detected as Backdoor:Win32/Rbot.BH.
Alert level:
severe
Backdoor:Win32/Rbot!9665
Updated on Jul 02, 2007
Backdoor:Win32/Rbot!9665 is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Backdoor:Win32/Rbot!9665 may be detected as Backdoor:Win32/Rbot.DD.
Alert level:
severe
Worm:Win32/Lamin.A
Updated on Oct 05, 2009
Worm:Win32/Lamin.A is a worm that uses installed Internet chat clients to send messages to contacts containing a hyperlink to a copy of the worm. When executed, the worm installs itself, stops services and modifies Windows settings. The installed backdoor is identified as Backdoor:Win32/Lamin.A.
Alert level:
severe
Worm:Win32/Morto.A
Updated on Aug 27, 2011
Microsoft Defender Antivirus detects and removes this worm.
This threat is a worm that allows unauthorized access to an affected computer. It spreads by trying to compromise administrator passwords for Remote Desktop connections on a network.
Worms automatically spread to other PCs. They can do this in a number of ways, including by copying themselves to removable drives, network folders, or spreading through email.
Additional information for Enterprise users
In the wild, we have observed this threat infecting computers by targeting accounts that have weak passwords.
To help prevent infection, and consequent reinfection, make sure that your organization uses strong passwords for system and user accounts, and verifying that you do not use passwords like those being used by the malware in order to spread. Changing your password will significantly decrease your chance of re-infection.
To thwart this and similar threats, it helps to adhere to best password practices, defined and enforced by appropriate policies. Good polices include, but are not limited to:
- Ensuring there are rules around password complexity, so that passwords meet basic strong password requirements, such as minimum length (long passwords are usually stronger than short ones)
- Ensuring passwords are not used for extended periods of time; consider setting an expiry every 30 to 90 days. You might also consider enforcing password history, so that users can not re-use the same password within a pre-defined time frame
- Ensuring passwords contain a combination of:
- Uppercase letters
- Lowercase letters
- Numerals, and
- Symbols
For general information about password best practices, please see the following articles:
- http://technet.microsoft.com/en-us/library/cc784090(WS.10).aspx
- http://technet.microsoft.com/en-us/library/cc756109(WS.10).aspx
To help prevent re-infection after cleaning, you may also want to consider changing the password for every account on the network, for every user in your environment.
Alert level:
severe
Backdoor:Win32/Spycos.B
Updated on Apr 02, 2012
Backdoor:Win32/Spycos.B is a trojan that allows unauthorized remote access to your computer. The trojan could steal your login credentials for online banking and web-based email services. The trojan may also lower your computer's security by disabling certain security software services.
Alert level:
severe
Backdoor:Win32/Samsteal.A.dr
Updated on Jun 15, 2005
Backdoor:Win32/Samsteal.A.dr is a Trojan dropper that targets several versions of Microsoft Windows. The Trojan drops a file that in turn drops Backdoor:Win32/Samsteal.A and three other files.
Alert level:
severe
Backdoor:Win32/Berbew.F
Updated on Jul 12, 2004
Backdoor:Win32/Berbew.F is a Trojan that installs silently on your computer. It can capture and send personal information to a Web site. It can also download files from Web sites and run them on your computer. There are no readily apparent symptoms that indicate that your computer is infected with this Trojan.
Alert level:
severe
Backdoor:Win32/Berbew.J
Updated on Sep 23, 2004
Backdoor:Win32/Berbew.J is a Trojan that captures personal information and sends it to a Web site. It can also download and execute files from Web sites.
Alert level:
severe
Backdoor:Win32/Gaobot.X
Updated on Nov 15, 2004
Backdoor:Win32/Gaobot.X is a backdoor Trojan that connects to an IRC server to receive commands. The Trojan can spread to other machines by exploiting the vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. It can also spread to machines with weak passwords.
Alert level:
severe
Backdoor:Win32/Berbew.R
Updated on Dec 17, 2004
Backdoor:Win32/Berbew.R is a backdoor Trojan that downloads to a computer using another downloader Trojan that is sent through e-mail. Backdoor:Win32/Berbew.R retrieves locally cached passwords and sends them to a Web site. The Trojan opens certain ports.
Alert level:
severe
Backdoor:Win32/Berbew.I
Updated on Dec 21, 2004
Backdoor:Win32/Berbew.I is a Trojan that captures personal information and sends it to a Web site. It can also download and execute files from Web sites.
Alert level:
severe