Endpoint Protection

Hi there,

Has anybody seen the Lopna folder on their C drive. I had this last week and I sent it off to Symantec for testing but I only got a response to say that it was not a threat. Today I noticed it on another of my users machines. It seems to create a folder in the c drive called Lopna and in that is a recycle bin icon called AZIZ. The closest i have found to my error is http://www.threatexpert.com/report.aspx?md5=5a8eafa86ca64e71ad4fcbe93a5d7241 where they have the exact same details. I have to find out how to get rid of this before it speards to my network.

I remove the registry keys that it creates yet it keeps coming back. Another thing I noticed is that a black command screen comes up with a filckering dash over it. The file is stored in the Symantec folder in the program files. Everytime i delete it, give it 5 min and it is back. I would like to find out if anyonoe has figured out how to remove this virus.

Thank-you
Nathan

That zip file is the file i think is the one causing the problem !!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Hi There,

I jsut removed all the folders there were , plus the registry files, stopped system restore then removed the file that is in that zip file in my previous thread, rebotted the machine and it looks like it gone. I will post again if it is still there.

Threat Expert shows this as a Trojan.  http://www.threatexpert.com/report.aspx?md5=2fa369d22eaff44811c769ca0321079f

Symantec detects this as Backdoor.Trojan. Make sure you have the latest definitions for detecting this threat.

Thomas

Okay, so what I understand is that you put the actual infection in the zip file you posted here?
Nice going. *facepalm*
I bet there are a lot of curious people downloading it and are now 'trying it out'.
You should have submitted it to Security Response. That way they can write a detection and removal for it.
Whoever moderates this should delete the zip file.

John, I failed to see the attachment. I just deleted the file.

Thanks for catching that,
Thomas