Welcome to the Virus Encyclopedia of Panda Security.
It attempts to download and run a file, which belongs to W32/Bagle.LA, from different web pages, and has rootkit functionalities, which allow it to hide itself. It does not spread automatically by its own means.
|First detected on:||Jan. 8, 2007|
|Detection updated on:||Jan. 8, 2007|
|Yes, using TruPrevent Technologies
Mitglieder.MF is a Trojan that attempts to download and run a file from different websites on the affected computer. This file belongs to the worm detected as Bagle.LA.
Mitglieder.MF has rootkit functionalities, which allow it to hide itself. It also prevents the computer from being run in Safe Mode.
Mitglieder.MF does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
Mitglieder.MF is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.
However, it can reach the computer in a file that passes itself off as a crack (a program designed to modify the behavior of the original software by eliminating the restrictions that prevent its illegal copy) for a certain program.
If so, it displays the following symptoms:
- The file has the following icon:
- When it is run, a window like the following is opened in order to select the file of the program to be modified:
- When trying to open the file, the following error message is displayed: