"Generic BackDoor!csb" is a backdoor that allows unauthorized access and control of a compromised computer to the remote attacker.
Upon execution, the Trojan creates browser instances and connects to the following remote ip addresses and performs backdoor activity.
68.178.[removed] through remote port 80
86.128.[removed] through remote port 82
After execution the Trojan copies itself into the following location.
%WinDir%\system32\install\server.exe [Detected...
W32.Routrobot.worm!text is a Trojan that redirects Web searches performed using the Web browser Firefox and when a user performs key word searches in specific search sites.
W32.Routrobot.worm!text is a dropped content of another malicious file. It arrives in the system as a Firefox mechanism that allows applications to add elements to the browser interface and is present as a file named "timer.xul".
When a user uses the following search engines using the web browser Firefox, t...
File Information
MD5 : 1B1192D4C84DABB0E1E01DC4D06B013A
SHA : 6E569AE7698DA62C5B0466C9D16CC57E666F7C8C
Aliases
AVG: Worm/VB.BDBS
Symantec: W32.Changeup!gen6
NOD32: Win32/AutoRun.VB.SL
"W32.Autorun.worm.c" is worm that may propagate via removable drives or network shares. Also, it is designed to download malicious files from websites controlled by the malware author.
When executed, the Trojan connects to the following websites to download malicious file from the r...
Virus Name: Trojan-Downloader.Win32.Agent.f
Virus Description:
The sample is to use the "VC" prepared "downloaders" size "73,427" bytes, use the "exe" extension, through the bundled documentation, web pages linked to horse, download manager, etc. to spread. The main purpose is to download the virus Trojan horse virus. When the user computer is infected with this trojan virus, there will be no reason the system error, anti-virus software does not start automatically quit and found a lar...
Worm: Net-Worm.Win32.AutoRun.b
Risk level: Medium
Virus Description
The sample is to use the "C / C prepared by the worm, the size of" 56,072 "bytes, the virus extension" exe ", mainly through the" file bundle "," download tool download "," removable memory infected "," LAN infection ", etc., the viruses infected the LAN main purpose is to create networks.
After the user's computer was infected, there will be security software soft kill without reason quit the antivirus can not open ...
Trojan Downloader Trojan-Downloader.Win32.Agent.axtj
Virus Description
The sample is the use of "DELPHI" prepared by the Trojan downloader, with "UPX" packers way in an attempt to evade signature scanning, packers after the size of 21,504 bytes, icon , viruses extension "exe", mainly through " file bundle "," download tool download "," Page Trojan "and other modes to spread, the main purpose of the virus is to download and run the virus automatically open the specified site.
After the u...
Network worms: Worm.Win32.Qvod.b
Risk level: Medium
Virus Description
The sample is to use the "VC" prepared by the "worm", using "PEtite" way of trying to evade signature scanning packers, packers after the size of 172,032 bytes, the icon for the "", use the "exe" extension, through the files bundled, web trojan, download tools to download, etc. and spread. The main purpose of viral infection where the LAN users and computers. After the user's computer was infected a large number of...
Trojan downloader: Trojan-Downloader.Win32.Agent.a
Risk level: Medium
Virus Description
The sample is to use the "VC" prepared by the Trojan downloaders, the size of 37,260 bytes, the icon for the virus "", the extension "exe", mainly through the "Web Trojan", "file bundle", "download tool download" modes to spread,
After the user's computer was infected, the network will appear to run slow, and unknown processes.
Infection of the operating system
Windows 2000/Windows XP / Windows 2003/...