Attention: The forums will be placed on read only mode this Saturday (Oct. 20, 2018)

During this outage (6:30 AM to 8 PM PDT) the forums will be placed on read only mode. We apologize for this inconvenience. Click here to read details

Spyware, Viruses, & Security forum

General discussion

VIRUS \ Spyware ALERTS - April 5, 2008

by Marianna Schmudlach / April 4, 2008 2:58 PM PDT
Discussion is locked
You are posting a reply to: VIRUS \ Spyware ALERTS - April 5, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VIRUS \ Spyware ALERTS - April 5, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Troj/Zlob-AJZ
by Marianna Schmudlach / April 4, 2008 3:00 PM PDT
Collapse -
Troj/MDrop-BRI
by Marianna Schmudlach / April 4, 2008 3:01 PM PDT
Collapse -
TROJ_DLOADER.EJC
by Marianna Schmudlach / April 5, 2008 12:48 AM PDT

Malware type: Trojan

This Trojan arrives as attachment to email messages spammed by another malware or a malicious user. It may be downloaded from remote sites by other malware. It may also be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

Upon execution, this Trojan drops several files, which Trend Micro detects as TSPY_PACHAT.A and TSPY_PACHAT.B.

It then downloads and opens a .PDF file from a certain URL. It accesses several URLs to download malicious files, which Trend Micro detects as TROJ_AGENT.XKF and TROJ_DELF.FFT. It then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FDLOADER%2EEJC

Collapse -
Sus/Banspy-A
by Marianna Schmudlach / April 5, 2008 1:04 AM PDT
Collapse -
W32/Kapucen-D
by Marianna Schmudlach / April 5, 2008 1:10 AM PDT
Collapse -
W32/Bckdr-QMV
by Marianna Schmudlach / April 5, 2008 1:11 AM PDT

Aliases Generic Dropper.ax

Category Viruses and Spyware

Type Worm

W32/Bckdr-QMV is a worm with IRC backdoor functionality for the Windows platform.

W32/Bckdr-QMV runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.

When first run W32/Bckdr-QMV copies itself to <System>\msmsgs.exe.

The following registry entries are created to run W32/Bckdr-QMV on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Microsoft Oftice
<System>\msmsgs.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Microsoft Oftice
<System>\msmsgs.exe

The following registry entry is set:

HKLM\SOFTWARE\Microsoft\Ole
EnableDCOM
N

http://www.sophos.com/security/analyses/viruses-and-spyware/w32bckdrqmv.html?_log_from=rss

Collapse -
Troj/NtRootK-DF
by Marianna Schmudlach / April 5, 2008 1:12 AM PDT
Collapse -
Troj/SpyCore-A
by Marianna Schmudlach / April 5, 2008 11:04 AM PDT

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!