spexta trojan installs to protected folder
- From: shawn modersohn <smmodersohn@xxxxxxxxxxx>
- Date: Thu, 29 Mar 2007 18:26:49 -0500
Running XP SP2,
I have just seen a curious virus identified by Symantec Corporate 10.1. The virus is called trojan.spexta and is a mass mailing worm. The computer is locked down. Users are only given limited accounts. I am the only user who logs in as Admin and I assure you I am careful in this account. The issue I am having and according to the logs, is that this particular virus somehow manages to write directly to c: and c:\windows\system32 with a file called eventmgr.exe. I have seen this process eat 100% of the system resources. I think that it might be getting in through a users web mail of choice. This system is fully patched so how is this possible? As far as I can fathom, this virus must be using some exploit that overrides folder security.
.
- Follow-Ups:
- Re: spexta trojan installs to protected folder
- From: David H. Lipman
- Re: spexta trojan installs to protected folder
- Prev by Date: Re: Problem setting up Administrator account
- Next by Date: Re: spexta trojan installs to protected folder
- Previous by thread: Re: Problem setting up Administrator account
- Next by thread: Re: spexta trojan installs to protected folder
- Index(es):
Relevant Pages
|
|
