953 entries found.
Displaying page 27
of 48.
Backdoor:Win32/Sdbot!CC62
Updated on May 29, 2007
Backdoor:Win32/Sdbot!CC62 connects to a remote Internet Relay Chat (IRC) server and provides attackers with remote access to the impacted system. Commands that can be remotely executed include shutting down antivirus and other security-related software and using exploits to spread to other computers.
Alert level:
severe
Backdoor:Win32/Rbot!8A89
Updated on Jun 18, 2007
Backdoor:Win32/Rbot!8A89 is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Backdoor:Win32/Rbot!8A89 may be detected as Backdoor:Win32/Rbot.AF.
Alert level:
severe
Backdoor:Win32/Rbot!2EAA
Updated on Jun 19, 2007
Backdoor:Win32/Rbot2EAA is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Backdoor:Win32/Rbot!2EAA may be detected as Backdoor:Win32/Rbot.AH.
Alert level:
high
Backdoor:Win32/Rbot!2FA0
Updated on Jun 25, 2007
Backdoor:Win32/Rbot!2FA0 is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Backdoor:Win32/Rbot!2FA0 may be detected as Backdoor:Win32/Rbot.BH.
Alert level:
severe
Backdoor:Win32/Agent!9972
Updated on Aug 17, 2007
Backdoor:Win32/Agent!9972 is a backdoor Trojan that allows an attacker to take control of an infected computer. When a computer is infected, the Trojan connects to an Internet Relay Chat (IRC) server and joins a channel in order to receive commands from the controlling attacker. These commands can instruct the Trojan to perform a number of different actions, including downloading and installing additional components and spreading to other computers via MSN Messenger.
Alert level:
severe
TrojanDownloader:Win32/Nuwar.C
Updated on Sep 07, 2007
TrojanDownloader:Win32/Nuwar.C is a Trojan that downloads data from hard-coded remote Web sites. The downloaded information usually includes encrypted hyperlinks to malicious programs. TrojanDownloader:Win32/Nuwar.C connects to the specified URL, then downloads and executes the linked executables.
Alert level:
severe
TrojanDropper:Win32/Nuwar.A
Updated on Sep 07, 2007
TrojanDropper:Win32/Nuwar.A is a Trojan that drops and installs Backdoor:Win32/Nuwar.A or Backdoor:Win32/Nuwar.B onto an infected computer.
Backdoor:Win32/Nuwar is a Backdoor Trojan that allows unauthorized access to an infected computer. The Trojan receives commands indirectly from a remote attacker via its connection to a malicious peer-to-peer network. This Trojan also contains advanced stealth functionality that allows it to hide particular files, registry entries and registry values.
Related Malware
Alert level:
severe
Spammer:Win32/Nuwar
Updated on Sep 07, 2007
Spammer:Win32/Nuwar is a component of the Win32/Nuwar Trojan family, and is used to relay e-mails. E-mail messages are sent in various formats, commonly containing a hyperlink to a remote Web site hosting Win32/Nuwar Trojan files.
Alert level:
severe
Backdoor:Win32/Rbot.NF
Updated on Sep 10, 2007
Backdoor:Win32/Rbot.NF is a backdoor Trojan that runs in the background, gathers software installation and computer configuration details, and connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Alert level:
severe
Worm:Win32/Pykspa.A
Updated on Sep 11, 2007
Worm:Win32/Pykspa.A is a worm that sends instant-messages on behalf of a user logged into Skype, an Internet chat client application. Messages sent contain a link to a remote Web site hosting a copy of the worm. Worm:Win32/Pykspa.A terminates processes, and redirects Web browser connections for various security-related Web sites to random IP addresses.
Alert level:
severe
Spammer:Win32/Nuwar.A
Updated on Sep 12, 2007
Spammer:Win32/Nuwar.A is a component of the Win32/Nuwar Trojan family, and is used to relay e-mails. E-mail messages are sent in various formats, commonly containing a hyperlink to a remote Web site hosting Win32/Nuwar Trojan files.
Alert level:
severe
Backdoor:Win32/Nuwar!sys
Updated on Sep 12, 2007
Backdoor:Win32/Nuwar!sys is the kernel mode driver component of Backdoor:Win32/Nuwar, a backdoor Trojan that allows unauthorized access to an infected computer. The Trojan receives commands indirectly from a remote attacker via its connection to a malicious peer-to-peer network.
Alert level:
severe
Worm:Win32/Mytob.CG@mm
Updated on Nov 09, 2007
Worm:Win32/Mytob.CG@mm is a mass-mailing and network worm that targets computers running certain
versions of Microsoft Windows. The worm can spread through e-mail, MSN/Windows Messenger, and by targeting randomly generated IP addresses and exploiting Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. The worm also contains backdoor functionality and connects to an IRC server to receive commands from attackers.
versions of Microsoft Windows. The worm can spread through e-mail, MSN/Windows Messenger, and by targeting randomly generated IP addresses and exploiting Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. The worm also contains backdoor functionality and connects to an IRC server to receive commands from attackers.
Alert level:
severe
Win32/Doomjuice
Updated on Nov 10, 2004
Win32/Doomjuice is a family of worms that target machines infected with Win32/Mydoom. Win32/Doomjuice scans for systems listening on the TCP port opened by the backdoor component of Win32/Mydoom. The worms launch a denial of service (DoS) attack against www.microsoft.com.
Alert level:
severe
Win32/Passalert
Updated on Oct 02, 2006
Win32/Passalert is a family of Trojan downloaders capable of downloading and running malicious software. Win32/Passalert may stop, delete, or circumvent processes or services associated with firewall, antivirus, or other security software, thus potentially lowering the security settings on affected computers.
Alert level:
high