Re: Troj/ServU - How does it work/How to prevent it? (Removal known)



"Brock Hensley" <brock.hensley@xxxxxxxxxxxxxxxxxxx> wrote in message
news:2C6C5232-9773-4688-A4EF-C1A37C64AFC3@xxxxxxxxxxxxxxxx
Hello,

I have been trying to research this "Serv-U" Virus,

It is not a virus.

with the following aliases, to figure out how it infects servers and
how to prevent it. We have a solution on how to remove the virus,

Still not a virus.

we just need to know how it infects servers and how to prevent it.

We consistantly see the infection only repeat on Virtual Servers with
Windows Server 2003 Web Edition.

not-a-virus:Server-FTP.Win32.Serv-U.5000 (Kaspersky Lab) is also known
as:

not-a-virus:RiskWare.FTP.Serv-U.5000 (Kaspersky Lab)
Hacktool (Symantec)

Nice that some malware detectors know a 'not-a-virus' when they see one
and actually state the fact. So many just add to the confusion.

BackDoor.Servu.5000 (Doctor Web)
Troj/ServU-Gen (Sophos)
BDS/ServU.ba.1 (H+BEDV)
Win32:Trojano-356 (ALWIL)
Trojan.ServU.G (SOFTWIN)
Trojan.Servu.1 (ClamAV)
Bck/ServU.BB (Panda)

Does anyone have any helpful information on this virus?

http://www.serv-u.com/suvirushack.asp



.



Relevant Pages

  • [Full-Disclosure] Re: Viral hoax
    ... amounts of destruction and/or confusion that way? ... "Hey, watch out, ... kernel32.dll is infected by a virus, you must delete it now and pass ...
    (Full-Disclosure)
  • Never mind
    ... Turns out confusion and weakness in my dad caused by a virus, ... bacterial infection, which is even worse, since nothing to do for it. ...
    (sci.med)
  • Troj/ServU - How to Prevent?
    ... I have been trying to research this "Serv-U" Virus, with the following aliases, to figure out how it infects servers and how to prevent it. ...
    (microsoft.public.windows.server.security)
  • Re: How does a malware effect a program and get loaded by Windows?
    ... PHP virus ... Java virus ... Too much confusion and no solution. ...
    (alt.comp.anti-virus)