Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - July 18, 2007

by Marianna Schmudlach / July 17, 2007 3:26 PM PDT

W32/Looked-DM

Type Virus

Aliases Trojan-Dropper.Win32.Small.axi
Win32/Viking.DB
PE_LOOKED.ABM-O

W32/Looked-DM is a prepending virus and network worm for the Windows platform.

W32/Looked-DM spreads via file sharing on P2P networks.

W32/Looked-DM runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.

W32/Looked-DM includes functionality to access the internet and communicate with a remote server via HTTP.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32lookeddm.html

Discussion is locked
You are posting a reply to: VIRUS ALERTS - July 18, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - July 18, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/IBank-H
by Marianna Schmudlach / July 17, 2007 3:28 PM PDT

Type Spyware Trojan

Troj/IBank-H is a Trojan which tries to steal internet banking logon details by displaying fake HTML logon pages.

Troj/IBank-H can arrive as a result of web browsing. Visiting certain web sites may initiate the download process.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojibankh.html

Collapse -
Exp/QTP-A
by Marianna Schmudlach / July 17, 2007 3:29 PM PDT
Collapse -
Troj/Lineag-AP
by Marianna Schmudlach / July 17, 2007 3:31 PM PDT
Collapse -
W32/Looked-DN
by Marianna Schmudlach / July 17, 2007 3:33 PM PDT

Type Virus

Aliases Worm.Win32.Viking.bd
Win32/Viking.BY
PE_LOOKED.UX

W32/Looked-DN is a prepending virus and network worm for the Windows platform.

W32/Looked-DN spreads via infected files and file sharing on P2P networks.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32lookeddn.html

Collapse -
W32/Looked-DP
by Marianna Schmudlach / July 17, 2007 3:34 PM PDT
Collapse -
W32/Looked-DO
by Marianna Schmudlach / July 17, 2007 3:36 PM PDT

Type Virus

Aliases Worm.Win32.Viking.k
W95/Philis.E
Win32/Viking.NAH
PE_LOOKED.AC

W32/Looked-DO is a prepending virus and network worm for the Windows platform.

W32/Looked-DO spreads via infected files and file sharing on P2P networks

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32lookeddo.html

Collapse -
W32/Looked-DQ
by Marianna Schmudlach / July 17, 2007 3:37 PM PDT

Type Virus

Aliases Worm.Win32.Viking.bd
Win32/Viking.BY
PE_LOOKED.UX

W32/Looked-DQ is a prepending virus and network worm for the Windows platform.

W32/Looked-DQ spreads via infected files and file sharing on P2P networks.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32lookeddq.html

Collapse -
W32/Poebot-MN
by Marianna Schmudlach / July 17, 2007 3:42 PM PDT
Collapse -
Troj/Agent-FXT
by Marianna Schmudlach / July 17, 2007 3:44 PM PDT
Collapse -
Troj/DwnLdr-GVR
by Marianna Schmudlach / July 17, 2007 3:45 PM PDT
Collapse -
Troj/PSW-EF
by Marianna Schmudlach / July 18, 2007 12:49 AM PDT
Collapse -
Troj/Banloa-CR
by Marianna Schmudlach / July 18, 2007 12:51 AM PDT
Collapse -
Troj/DwnLdr-GWU
by Marianna Schmudlach / July 18, 2007 12:52 AM PDT
Collapse -
Troj/VB-DWS
by Marianna Schmudlach / July 18, 2007 12:54 AM PDT
Collapse -
Troj/BHO-CT
by Marianna Schmudlach / July 18, 2007 12:55 AM PDT
Collapse -
Troj/Banker-EIF
by Marianna Schmudlach / July 18, 2007 12:57 AM PDT
Collapse -
TROJ_DLOADER.OWO - A Word to the Wise
by Marianna Schmudlach / July 18, 2007 1:13 AM PDT

July 18th, 2007 by Donna Corpin

July?s Patch Tuesday came last week, but a new Trojan detected as TROJ_DLOADER.OWO comes on its tail posing as a reminder for users to update their word processor on Windows systems.


Using one of the oldest tricks in the book, it displays a fake error message box with the following message upon execution:


Please update your version of Microsoft Word!


Its download routine is only triggered once unknowing users click on the OK button in the said box, as if it needs a user?s green light before it can proceed to infect systems. This is probably what sets it apart from other downloaders, which perform their routines immediately upon arrival. It also terminates certain security-related processes and uses the Microsoft Word icon to trick users into thinking that it is a legitimate file.


So, a word to the wise: Try not to fall for ?polite? but fake messages that know just when and how to say ?please,? even if it asks for your consent. Best of all, get your updates and/or patches straight from the legitimate vendors of your installed applications and beware of ever-evolving social engineering techniques.

http://blog.trendmicro.com/

Collapse -
W32/Fujacks-AM
by Marianna Schmudlach / July 18, 2007 5:30 AM PDT

Type Worm

Aliases Win32/Fujacks.AK
Worm.Win32.Fujack.g
W32/Fujacks.m

W32/Fujacks-AM is a virus for the Windows platform which has functionality to spread to network shares and removable devices.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32fujacksam.html

Collapse -
W32/SillyFDC-AL
by Marianna Schmudlach / July 18, 2007 5:32 AM PDT
Collapse -
W32/VB-DWT
by Marianna Schmudlach / July 18, 2007 5:34 AM PDT
Collapse -
W32/Feebs-BU
by Marianna Schmudlach / July 18, 2007 5:35 AM PDT

Type Worm

Aliases Worm.Win32.Feebs.gen
JS/Feebs.gen.z@MM trojan
JS_FEEBS.GEN-9
Trojan:JS/Feebs.gen!D

W32/Feebs-BU is an internet worm for the Windows platform which spreads via file sharing on P2P networks and via email.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32feebsbu.html

Collapse -
Troj/Agent-FYQ
by Marianna Schmudlach / July 18, 2007 5:36 AM PDT
Collapse -
Troj/OnLineG-F
by Marianna Schmudlach / July 18, 2007 5:38 AM PDT

Type Spyware Trojan

Aliases Trojan-PSW.Win32.OnLineGames
TSPY_ONLINEG
PWS-OnlineGames.a trojan
PWS-LegMir.dll trojan

Troj/OnLineG-F is a password stealing Trojan for the Windows platform which attempts to steal logon details for online games.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojonlinegf.html

Collapse -
Troj/NzM-A
by Marianna Schmudlach / July 18, 2007 5:39 AM PDT
Collapse -
Troj/Dropper-QO
by Marianna Schmudlach / July 18, 2007 5:41 AM PDT
Collapse -
Troj/FakeVir-AD
by Marianna Schmudlach / July 18, 2007 5:42 AM PDT

Type Trojan

Troj/FakeVir-AD is Trojan for the windows platform.

Troj/FakeVir-AD will periodically display fake virus/spyware alerts to try and trick the user into visiting a malicious web page where further malware may be downloaded.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojfakevirad.html

Collapse -
Troj/Dropper-QP
by Marianna Schmudlach / July 18, 2007 5:44 AM PDT
Collapse -
Troj/GPCoder-G
by Marianna Schmudlach / July 18, 2007 5:45 AM PDT

Type Spyware Trojan

Aliases Win32/Spy.Agent.PZ
Virus.Win32.Gpcode.ai
GPcoder.h
TSPY_KOLLAH.F
Backdoor:Win32/Kollah.D

Troj/GPCoder-G is a Trojan for the Windows platform that encrypts users' documents and asks the user to send money to the authors in order to decrypt them.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojgpcoderg.html

Collapse -
Troj/Banloa-CO
by Marianna Schmudlach / July 18, 2007 5:47 AM PDT

Type Trojan

Aliases Trojan-Downloader.Win32.Banload.cmd

Troj/Banloa-CO is a Trojan for the Windows platform.

Troj/Banloa-CO includes functionality download and install an executable file from a remote location. At the time of writing the file downloaded by Troj/Banloa-CO was proactively detected as a member of the Mal/DelpBanc-A family of banking Trojans.


Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojbanloaco.html

Collapse -
Troj/Wordper-D
by Marianna Schmudlach / July 18, 2007 5:48 AM PDT
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?