Antisource.com  /  Security Forums  /  About  /  FAQs  /  Links  /  Polls  /  Advanced Search     
Register!   Login  
The All Inclusive Security Resource
Defending users and administrators against the
threat of viruses, trojans, spam, spyware, and hackers
Topics
General News
Antivirus Reviews
Network Defense
Spyware
Anti-Spam
Phishing Scams
Virus Alerts
Security Forums
Desktop Security
Malware Removal Help
Spam Blocking
Patches and Hotfixes

Network Security
Firewalls and Routers
Intrusion Detection
Web Proxies

Antivirus Support
Symantec
McAfee
Trend Micro
Other Antivirus
Quick Resources
About Antisource
Malware Threats Triangle
Free Virus Scan
Virus Map
 

Rbot - scrtkfg.exe and icp.exe

Sunday, April 17, 2005
Author: Paul Ryan
Permalink: rbot-scrtkfg-icp 		Virus Alerts
Email Article to a Colleague Printer-Friendly Version Author's Profile


This appears to be a variant of Richard's ciscv.exe/icp.exe reported March 30. Does exactly the same things... scrtkfg.exe thrashes about trying to contact http.pr3d.us over port 5001 again with multiple IP's while icp.exe hogs 99% of CPU time.

I submitted files to VET and got this reply today:

The Windows PE (I386,EXE) file "scrtkfg.exe" has been determined to be malicious.

Aliases reported by other Antivirus products are listed here:
(W32/Spybot.JDT) (Backdoor.Win32.Rbot.gen) (W32.Spybot.Worm)

CA antivirus products address this malware as follows:
Vet Anti-Virus 10.6x
We will inform you by email ASAP when we have a signature update available providing detection
  

Comment about Rbot - scrtkfg.exe and icp.exe | 0 comments |

The following comments are owned by whomever posted them. This site is not responsible for what they say.

 
 Copyright © 2008 Antisource
 All trademarks and copyrights on this page are owned by their respective owners.
Running GeekLog | Privacy Policy | Created this page in 0.28 seconds | Site Stats | RSS Feed xml