Re: New Virus Threat
- From: "David H. Lipman" <DLipman~nospam~@Verizon.Net>
- Date: Tue, 23 May 2006 18:00:43 -0400
From: "Joao Pinto" <Joao Pinto@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Hi all
|
| There's a new virus that affects Windows Update. It turns Automatic Update
| in services.msc you can see it disables it. It also disables any version of
| Norton Anti-Virus.
|
| It creates a service called ##exmodul.exe that immediately connects to the
| internet sending thousands of infected mails. It has been identified as a
| trojan but it looks like a worm.
|
| It mutates from any number to another. I my case it started as 46exmodul.exe
| to 77exmodul.exe. The point is that this exploits a windows weakness and
| there's no tool to remove it from Norton or Windows Update and apparently
| neither Microsoft or Symantec knows about it.
|
| I have both Windows and Internet Security fully up-to-date.
A Kaspersky name...
http://www.viruslist.com/en/viruses/encyclopedia?virusid=120195
Have you submitted a sample to Virus Total ?
If you haven't....
Please submit a sample to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.
You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@xxxxxxxxxxxxxx?subject=SCAN
When you get the report, please post back the exact results.
The Kaspersky module of my Multi AV Scanning Tool could be used.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
.
- Prev by Date: Re: i can't enable the firewall
- Next by Date: Re: New Virus Threat
- Previous by thread: Win XP Folders always open in Search Mode
- Next by thread: Re: New Virus Threat
- Index(es):
Relevant Pages
|
