HolidayBuyer's Guide

Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - March 19, 2007

by Marianna Schmudlach / March 19, 2007 12:36 AM PDT

W32/Poebot-KL

Type Spyware Worm

W32/Poebot-KL is a worm with IRC backdoor functionality for the Windows platform.

W32/Poebot-KL runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IC channels.

W32/Poebot-KL spreads to other network computers:

- by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), SRVSVC (MS06-040), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN-2003-0812), Dameware (CAN-2003-1030) and PNP (MS05-039)

- networks protected by weak passwords

Protection available since 19 March 2007

http://www.sophos.com/security/analyses/w32poebotkl.html

Discussion is locked
You are posting a reply to: VIRUS ALERTS - March 19, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - March 19, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/Ranck-FH
by Marianna Schmudlach / March 19, 2007 12:37 AM PDT
Collapse -
Troj/Ranck-FI
by Marianna Schmudlach / March 19, 2007 12:39 AM PDT
Collapse -
Troj/Dloadr-AVH
by Marianna Schmudlach / March 19, 2007 12:40 AM PDT
Collapse -
Troj/AdClick-DW
by Marianna Schmudlach / March 19, 2007 12:42 AM PDT
Collapse -
Troj/AdClick-DX
by Marianna Schmudlach / March 19, 2007 12:43 AM PDT
Collapse -
Troj/FakeVir-AA
by Marianna Schmudlach / March 19, 2007 12:44 AM PDT
Collapse -
Troj/AdClick-DY
by Marianna Schmudlach / March 19, 2007 12:46 AM PDT
Collapse -
Troj/PWS-ALF
by Marianna Schmudlach / March 19, 2007 12:47 AM PDT
Collapse -
W32/Rbot-GHS
by Marianna Schmudlach / March 19, 2007 12:49 AM PDT
Collapse -
Mal/Dll-A
by Marianna Schmudlach / March 19, 2007 12:50 AM PDT
Collapse -
Mal/Dll-B
by Marianna Schmudlach / March 19, 2007 12:52 AM PDT
Collapse -
Mal/DownLdr-D
by Marianna Schmudlach / March 19, 2007 12:53 AM PDT
Collapse -
Troj/Dropper-NZ
by Marianna Schmudlach / March 19, 2007 12:55 AM PDT
Collapse -
Mal/IEPS-A
by Marianna Schmudlach / March 19, 2007 12:56 AM PDT
Collapse -
Hakaglan
by Marianna Schmudlach / March 19, 2007 1:25 AM PDT

First Report: 2007-03-19 12:17
Last Update: 2007-03-19 12:17

Aliases: Trojan.Agent.ahe
W32/Hakaglan.worm
W32/SillyFDC-G
W32/SillyFDC.G
W32/Sohanat.BD.worm
Win32.HLLW.Cung
Win32/Nuqel.A
Win32:Hakaglan
Worm.Hakaglan.B
Worm.Win32.AutoIt.e
Worm/Hakaglan.A.2


Description:
W32/Hakaglan.worm is a virus that makes use of an AutoIt script to spread.

http://vil.nai.com/vil/content/v_141756.htm

Collapse -
W32/Drowor.worm
by Marianna Schmudlach / March 19, 2007 1:27 AM PDT

Description:
W32/Drowor.worm may get send around using a deceiving filename Google Earth .scr. Aliases TR/VB.aei (H+BEDV) Virus.Win32.Drowor.b (Kaspersky) Win32.Drowor.A (Virusbuster) Worm.VB-117 (Clamav) Worm/VB.6.A (Grisoft)

http://vil.nai.com/vil/content/v_141757.htm

Collapse -
Downloader-BAZ
by Marianna Schmudlach / March 19, 2007 1:28 AM PDT
Collapse -
QuickTime Movies can Steal Your Identity!
by Marianna Schmudlach / March 19, 2007 1:31 AM PDT

March 19th, 2007 by Carolyn Guevarra

Yet another malware is recently discovered lurking the pages of MySpace, a popular social networking Web site that has become a favorite target of threat attacks by malware authors today. This malware is a JavaScript Trojan that uses QuickTime movies as its infection vector. This malicious script is found embedded in a MySpace page of a French rockband. The said page has an EMBED tag that instructs a user?s browser to play a movie when the HTML page is opened. However, the attribute of the movie is set to ?hidden?, therefore it is invisible to the profile viewer. The QuickTime movie is downloaded from the server, profileawareness.com.

QuickTime has a feature that allows URLs or JavaScript codes to be embedded in a movie. This malware takes advantage of this feature by embedding a malicious JavaScript program within the movie. Thus, when the movie is played, the JavaScript is automatically downloaded and executed. This JavaScript is a spyware that collects data about MySpace users that visits the page. The stolen information is then uploaded to the profileawareness server.

Trend Micro detects the malicious JavaScript as JS_SPACESTALK.A and the QuickTime movie as TROJ_DLOADER.JHV.

http://blog.trendmicro.com/

Collapse -
W32/Brontok-DA
by Marianna Schmudlach / March 19, 2007 7:13 AM PDT
Collapse -
Troj/Gampas-Gen
by Marianna Schmudlach / March 19, 2007 7:15 AM PDT
Collapse -
W32/PWFuzz-A
by Marianna Schmudlach / March 19, 2007 7:16 AM PDT
Collapse -
Troj/Delf-EQW
by Marianna Schmudlach / March 19, 2007 7:18 AM PDT
Collapse -
W32/Kapucen-A
by Marianna Schmudlach / March 19, 2007 7:19 AM PDT
Collapse -
spyware or a computer virus?
by Dejael / March 19, 2007 12:00 PM PDT

Please help me. Suddenly, my laptop computer keyboard is screwed up. I don't know what happened.
Here is what I get when I type the main keys on my keyboard now:

123456789*-=
qwerty456-asdfgh123zxcvbn0
QWERTY456-ASDFGH123ZXCVBN0

As you can see, there is some kind of a bug in my computer system. I have never experienced this before, and am completely baffled as to how this could have happened. It happened overnight. Could this be the result of spyware or a computer virus?

I am typing this message to you on my other computer, a Dell PC running Windows XP. My laptop is a Compaq Presario 1692, about 9 or 10 years old, running Windows XP. I can't type anything on my laptop now until I get this keyboard problem fixed. Is it repairable? Why is my keyboard suddenly typing the wrong characters instead of what they are programmed to type? For example, when I type the 0 (zero) I get an asterisk, the U is a 4, and so on.

Last night, I was doing my routine e-mails and checking a website for medical information called
Web-MD.com, then I logged out and closed all internet windows. (I am using Mozilla Firefox as my web browser, so it can't be from some virus on Internet Explorer.)

Then I did my routine 6-months disc defragmentation on both my PC and my laptop, and went to bed.
This morning when I went to check my e-mail, I found I couldn't log on because the keyboard was not typing the right letters. It's a good thing I saved my log-on passwords in a secret password file or I wouldn't be able to use my laptop at all now. I use my laptop for internet, and my PC is a stand-alone without any internet access, and I only transfer files between the computers when I need to using a flash drive USB device, which is safer than using floppy discs or even CDs.

I had to copy and paste my e-mail addresses and passwords into my e-mail programs to use them.
And now I can't type any e-mail responses without getting this laptop repaired, if that's possible.

I tried shutting the laptop down and rebooting it a couple of times, but that did not fix the problem.
Curiously, though, when I was logging onto Windows XP with my user password, it typed it correctly and I was able to get into my own environment. This leads me to believe this may be a computer virus.
I don't have a firewall in place and maybe that's why.

I can't really afford to upgrade or replace my old laptop with a new one, so can you please help?

Can you please help me and let me know what I need to do?

Thank you.

Dejael
Frustrated User

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

The Samsung RF23M8090SG

One of the best French door fridges we've tested

A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.