Spyware, Viruses, & Security forum

General discussion

VIRUS ALERTS - September 23, 2007

by Marianna Schmudlach / September 23, 2007 2:05 AM PDT
Discussion is locked
You are posting a reply to: VIRUS ALERTS - September 23, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS ALERTS - September 23, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Backdoor.Unpdoor
by Marianna Schmudlach / September 23, 2007 3:02 AM PDT
Collapse -
PE_LURKER.A
by Marianna Schmudlach / September 23, 2007 3:04 AM PDT

First Report: 2007-09-23

Description:
This is Trend Micro's detection for files detected as PE_LURKER.A-O. Upon execution, it drops a file which this file infector uses for its infection and propagation routines. Trend Micro detects the dropped file as PE_LURKER.A-O. It then registers PE_LURKER.A-O as a system service to ensure its automatic execution at every system startup.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE%5FLURKER%2EA

Collapse -
PE_LURKER.A-O
by Marianna Schmudlach / September 23, 2007 3:06 AM PDT

First Report: 2007-09-23

Malware type: File infector

Description:


This file infector may arrive via network shares. It may be downloaded unknowingly by a user when visiting malicious Web sites. It may arrive via removable drives

It drops copies of itself. It drops files/components detected by Trend Micro as BKDR_BIFROSE.AOM.

It creates registry entries to enable its automatic execution at every system startup.

It creates registry key(s)/entry(ies).

It infects by appending its code to target host files. It infects files of certain types.

It drops copies of itself in all removable drives. It also drops an AUTORUN.INF file to ensure its automatic execution every time the said drives are accessed.

It has rootkit capabilities which enables it to hide its files, processes, and registry settings.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE%5FLURKER%2EA%2DO

Collapse -
W32/Rbot-GTP
by Marianna Schmudlach / September 23, 2007 3:09 AM PDT

Type Worm

How it spreads Network shares

Affected operating systems Windows

Side effects Allows others to access the computer
Installs itself in the Registry

Aliases W32/Sdbot.worm.gen.y
Win32/Rbot.VC
WORM_SPYBOT.GEN
Backdoor.Win32.Rbot.gen
W32/Spybot.APC

Protection available since 23 September 2007

http://www.sophos.com/security/analyses/w32rbotgtp.html

Collapse -
W32/Rbot-GTR
by Marianna Schmudlach / September 23, 2007 3:10 AM PDT
Collapse -
W32/Rbot-GTN
by Marianna Schmudlach / September 23, 2007 3:11 AM PDT

Type Worm

How it spreads Network shares

Affected operating systems Windows

Side effects Allows others to access the computer
Installs itself in the Registry

Aliases W32/Spybot.AOM
W32/Sdbot.worm.gen.y
WORM_SPYBOT.GEN
Backdoor.Win32.Rbot.gen
Win32/Rbot.DC

Protection available since 23 September 2007

http://www.sophos.com/security/analyses/w32rbotgtn.html

Collapse -
W32/Rbot-GTM
by Marianna Schmudlach / September 23, 2007 3:13 AM PDT

Type Worm

How it spreads Network shares

Affected operating systems Windows

Side effects Allows others to access the computer
Installs itself in the Registry

Aliases W32/Spybot.AQJ
W32/Sdbot.worm.gen.y
WORM_SPYBOT.GEN
Backdoor.Win32.Rbot.gen
Win32/RBot.NX

Protection available since 23 September 2007

http://www.sophos.com/security/analyses/w32rbotgtm.html

Collapse -
Troj/BagleDl-CZ
by Marianna Schmudlach / September 23, 2007 3:14 AM PDT
Popular Forums
icon
Computer Help 51,912 discussions
icon
Computer Newbies 10,498 discussions
icon
Laptops 20,411 discussions
icon
Security 30,882 discussions
icon
TVs & Home Theaters 21,253 discussions
icon
Windows 10 1,672 discussions
icon
Phones 16,494 discussions
icon
Windows 7 7,855 discussions
icon
Networking & Wireless 15,504 discussions

REVIEW

Meet the drop-resistant Moto Z2 Force

The Moto Z2 Force is really thin, with a fast processor and great battery life. It can survive drops without shattering.