Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - July 18, 2007

W32/Looked-DM

Type Virus

Aliases Trojan-Dropper.Win32.Small.axi
Win32/Viking.DB
PE_LOOKED.ABM-O

W32/Looked-DM is a prepending virus and network worm for the Windows platform.

W32/Looked-DM spreads via file sharing on P2P networks.

W32/Looked-DM runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.

W32/Looked-DM includes functionality to access the internet and communicate with a remote server via HTTP.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32lookeddm.html

Discussion is locked
You are posting a reply to: VIRUS ALERTS - July 18, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - July 18, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/IBank-H

In reply to: VIRUS ALERTS - July 18, 2007

Type Spyware Trojan

Troj/IBank-H is a Trojan which tries to steal internet banking logon details by displaying fake HTML logon pages.

Troj/IBank-H can arrive as a result of web browsing. Visiting certain web sites may initiate the download process.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojibankh.html

Collapse -
Exp/QTP-A

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/Lineag-AP

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
W32/Looked-DN

In reply to: VIRUS ALERTS - July 18, 2007

Type Virus

Aliases Worm.Win32.Viking.bd
Win32/Viking.BY
PE_LOOKED.UX

W32/Looked-DN is a prepending virus and network worm for the Windows platform.

W32/Looked-DN spreads via infected files and file sharing on P2P networks.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32lookeddn.html

Collapse -
W32/Looked-DP

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
W32/Looked-DO

In reply to: VIRUS ALERTS - July 18, 2007

Type Virus

Aliases Worm.Win32.Viking.k
W95/Philis.E
Win32/Viking.NAH
PE_LOOKED.AC

W32/Looked-DO is a prepending virus and network worm for the Windows platform.

W32/Looked-DO spreads via infected files and file sharing on P2P networks

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32lookeddo.html

Collapse -
W32/Looked-DQ

In reply to: VIRUS ALERTS - July 18, 2007

Type Virus

Aliases Worm.Win32.Viking.bd
Win32/Viking.BY
PE_LOOKED.UX

W32/Looked-DQ is a prepending virus and network worm for the Windows platform.

W32/Looked-DQ spreads via infected files and file sharing on P2P networks.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32lookeddq.html

Collapse -
W32/Poebot-MN

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/Agent-FXT

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/DwnLdr-GVR

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/PSW-EF

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/Banloa-CR

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/DwnLdr-GWU

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/VB-DWS

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/BHO-CT

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/Banker-EIF

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
TROJ_DLOADER.OWO - A Word to the Wise

In reply to: VIRUS ALERTS - July 18, 2007

July 18th, 2007 by Donna Corpin

July?s Patch Tuesday came last week, but a new Trojan detected as TROJ_DLOADER.OWO comes on its tail posing as a reminder for users to update their word processor on Windows systems.


Using one of the oldest tricks in the book, it displays a fake error message box with the following message upon execution:


Please update your version of Microsoft Word!


Its download routine is only triggered once unknowing users click on the OK button in the said box, as if it needs a user?s green light before it can proceed to infect systems. This is probably what sets it apart from other downloaders, which perform their routines immediately upon arrival. It also terminates certain security-related processes and uses the Microsoft Word icon to trick users into thinking that it is a legitimate file.


So, a word to the wise: Try not to fall for ?polite? but fake messages that know just when and how to say ?please,? even if it asks for your consent. Best of all, get your updates and/or patches straight from the legitimate vendors of your installed applications and beware of ever-evolving social engineering techniques.

http://blog.trendmicro.com/

Collapse -
W32/Fujacks-AM

In reply to: VIRUS ALERTS - July 18, 2007

Type Worm

Aliases Win32/Fujacks.AK
Worm.Win32.Fujack.g
W32/Fujacks.m

W32/Fujacks-AM is a virus for the Windows platform which has functionality to spread to network shares and removable devices.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32fujacksam.html

Collapse -
W32/SillyFDC-AL

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
W32/VB-DWT

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
W32/Feebs-BU

In reply to: VIRUS ALERTS - July 18, 2007

Type Worm

Aliases Worm.Win32.Feebs.gen
JS/Feebs.gen.z@MM trojan
JS_FEEBS.GEN-9
Trojan:JS/Feebs.gen!D

W32/Feebs-BU is an internet worm for the Windows platform which spreads via file sharing on P2P networks and via email.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/w32feebsbu.html

Collapse -
Troj/Agent-FYQ

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/OnLineG-F

In reply to: VIRUS ALERTS - July 18, 2007

Type Spyware Trojan

Aliases Trojan-PSW.Win32.OnLineGames
TSPY_ONLINEG
PWS-OnlineGames.a trojan
PWS-LegMir.dll trojan

Troj/OnLineG-F is a password stealing Trojan for the Windows platform which attempts to steal logon details for online games.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojonlinegf.html

Collapse -
Troj/NzM-A

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/Dropper-QO

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/FakeVir-AD

In reply to: VIRUS ALERTS - July 18, 2007

Type Trojan

Troj/FakeVir-AD is Trojan for the windows platform.

Troj/FakeVir-AD will periodically display fake virus/spyware alerts to try and trick the user into visiting a malicious web page where further malware may be downloaded.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojfakevirad.html

Collapse -
Troj/Dropper-QP

In reply to: VIRUS ALERTS - July 18, 2007

Collapse -
Troj/GPCoder-G

In reply to: VIRUS ALERTS - July 18, 2007

Type Spyware Trojan

Aliases Win32/Spy.Agent.PZ
Virus.Win32.Gpcode.ai
GPcoder.h
TSPY_KOLLAH.F
Backdoor:Win32/Kollah.D

Troj/GPCoder-G is a Trojan for the Windows platform that encrypts users' documents and asks the user to send money to the authors in order to decrypt them.

Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojgpcoderg.html

Collapse -
Troj/Banloa-CO

In reply to: VIRUS ALERTS - July 18, 2007

Type Trojan

Aliases Trojan-Downloader.Win32.Banload.cmd

Troj/Banloa-CO is a Trojan for the Windows platform.

Troj/Banloa-CO includes functionality download and install an executable file from a remote location. At the time of writing the file downloaded by Troj/Banloa-CO was proactively detected as a member of the Mal/DelpBanc-A family of banking Trojans.


Protection available since 18 July 2007

http://www.sophos.com/security/analyses/trojbanloaco.html

Collapse -
Troj/Wordper-D

In reply to: VIRUS ALERTS - July 18, 2007

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.