Re: New virus worm alert ....

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 05/27/05 

Date: Fri, 27 May 2005 07:40:58 -0400

From: "Raiye" <raiye.beresford@remove.this.ntlworld.com>

| New virus doing the rounds - We contracted it here via hotmail, so it got
| through trends virus guard used by hotmail, got through avg with no probs,
| and delivered its payload
|
| subjects of emails have been
|
| party invite
| attachment returned
| you suck!
|
| Contains a zip file 0.33mb in size
|
| disables the following ...
|
| cmd, regedit and taskman
|
| Even safe boot with command prompt will freeze
|
| Files delivered are party.scr and invite.pif, but the pif is hidden, and
| will not allow the file to be renamed to .txt it puts the .pif back to the
| end of it - avg will than flag suspicious activity but it dont know what.
|
| Any body know how to recover the disabled files without having to
| re-install - they are all still there - but are being trapped somehow
|
| TpwUK
|

Please submit the ZIP file to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against 18 different AV vendor's scanners.

Another way to submit is to send the suspect file to the following email address
scan<at>virustotal.com
{ replace <at> with @ } with only the word SCAN as the subject.

Please post back the EXACT results. 

-- 
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
Quantcast