Re: MORICONS.EXE trojan/virus?
From: Tim (Tims-News123_at_carolina.rr.comRemove#s)
Date: 05/15/04
- Previous message: charlie R: "Re: ZoneAlarm did NOT stop "GATOR""
- In reply to: Renegade: "Re: MORICONS.EXE trojan/virus?"
- Next in thread: Chuck: "Re: MORICONS.EXE trojan/virus?"
- Reply: Chuck: "Re: MORICONS.EXE trojan/virus?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 15 May 2004 16:19:44 GMT
Here's the info on the file:
Location: c:\windows\system32\moricons.exe
Size: 48.8 KB (50,042 bytes)
Size on disk: 52.0 KB (53,248 bytes)
Created, modified and accessed: Wednesday, August 22, 2001, 9:02:03 PM
Found a link to it in the reg:
HKEY_CURRENT_USER\Software\Microsoft\SearchAssistant\ACMru\5603
Name:000
Type: REG_SZ
Data: MORICONS.EXE
I'll try renaming it and if that works I'll remove the link in the reg and
then try to delete it. I would really like to know where it came from
though.
> I don't know what that file is, but the correct name for the file that it
> is impersonating is "moricons.dll". Have you tried renaming the exe to
> something else ( like moricons.suspect) so that it doesn't get executed?
> If it is a required file, you should get some kind of error message after
> renaming and rebooting.
- Previous message: charlie R: "Re: ZoneAlarm did NOT stop "GATOR""
- In reply to: Renegade: "Re: MORICONS.EXE trojan/virus?"
- Next in thread: Chuck: "Re: MORICONS.EXE trojan/virus?"
- Reply: Chuck: "Re: MORICONS.EXE trojan/virus?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
