Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Worm_vb.gdm
Special Forums Cybersecurity Malware Advisories (RSS) Worm_vb.gdm Post 302183938 by Linux Bot on Thursday 10th of April 2008 06:50:02 AM
Old 04-10-2008
Worm_vb.gdm
This worm may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.
It drops copies of itself.
It creates registry entries to enable its automatic execution at every system startup. It employs registry shell spawning so that it executes when files of certain types are run. It does this by creating registry entries.
It disables Regsitry Editor. It does the said routine to avoid termination from the affected system's memory. It modifies registry entries to hide files with both System and Read-only attributes. It creates registry key(s)/entry(ies) as part of its installation routine.
It drops copies of itself in all physical drives and in all removable drives.


More...
 

4 More Discussions You Might Find Interesting

1. Ubuntu

Turn off GDM boot-up?

I remember I could boot from terminal and then log into gnome as I pleased with Ubuntu. And since ubuntu derives from Debian I figured I would be able to do the same. Don't knwo shich file to edit though... /Richard (3 Replies)
Discussion started by: riwa
3 Replies

2. UNIX for Dummies Questions & Answers

Installing gdm on mac os x tiger

I was installing gdm on the terminal application and my ISP disconnected. When I reconnected and tried to continue the installation, I got the following message: Waiting for lock on... (0 Replies)
Discussion started by: adrianzen
0 Replies

3. UNIX for Advanced & Expert Users

ldap+samba+gdm trouble

I'm having troubles setting up a client(with Ubuntu 8.10) for a ldap+samba server. I can't authenticate through the client with gdm, the messages I have in /etc/auth.log at the client is Dec 4 14:21:56 myuser-mydesktop gdm: nss_ldap: failed to bind to LDAP server ldap://192.168.0.1: Invalid... (5 Replies)
Discussion started by: capibolso
5 Replies

4. BSD

gdm restart infinitely

Salamo Alikom when i start gdm to log in ,i found it restart infinitely . my log files : (1 Reply)
Discussion started by: SIFE
1 Replies

LEARN ABOUT SUNOS

wsreg_initialize

wsreg_initialize(3WSREG)			    Product Install Registry Library Functions				  wsreg_initialize(3WSREG)

NAME

       wsreg_initialize - initialize wsreg library

SYNOPSIS

       cc  [flag ...]  file ...-lwsreg [library ...]
       #include <wsreg.h>

       int wsreg_initialize(Wsreg_init_level level, const char *alternate_root);

DESCRIPTION

       The wsreg_initialize() function initializes the wsreg library.

       The level argument can be one of the following:

       WSREG_INIT_NORMAL	       If an old registry file is present, attempt to perform a conversion.

       WSREG_INIT_NO_CONVERSION        If  an  old  conversion file is present, do not perform the conversion, but indicate that the conversion is
				       recommended.

       The alternate_root argument can be used to specify a root prefix.  If NULL is specified, no root prefix is used.

RETURN VALUES

       The wsreg_initialize() function can return one of the following:

       WSREG_SUCCESS		       The initialization was successful and no registry conversion is necessary.

       WSREG_CONVERSION_RECOMMENDED    An old registry file exists and should be converted.

       A conversion is attempted if the init_level argument is WSREG_INIT_NORMAL and a registry file  from  a  previous  version  of  the  product
       install registry exists.  If the wsreg_initialize() function returns WSREG_CONVERSION_RECOMMENDED, the user either does not have permission
       to update the product install registry or does not have read/write access to the previous registry file.

USAGE

       The wsreg_initialize() function must be called before any other wsreg library functions.

       The registry conversion can take some time to complete.	The registry conversion can also be performed using the graphical registry  viewer
       /usr/bin/prodreg or by the registry converter /usr/bin/regconvert.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |Unsafe			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       prodreg(1M), wsreg_can_access_registry(3WSREG), attributes(5)

SunOS 5.10							    22 Sep 2000 					  wsreg_initialize(3WSREG)
All times are GMT -4. The time now is 11:20 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy