New Malware
Here is new malwares appeared in my computer. Pass unrar : infected
/applications/core/interface/file/attachment.php?id=962" data-fileid="962" rel="">New_Malware.rar
Comments
-
Please look here
0 -
It's a VB worm. Signed it; thanks for the sample.
To remove it:
- from task manager (or better yet, Process Explorer) kill the process System.exe. ATTN: do NOT kill the System process, but System.exe;
- delete (or scan with BD after an update and instruct it to delete detected files):
c:\windows\config\system.exe
c:\windows\config\svchost.exe (NOT the one in system32!)
c:\config\system.exe
- on ALL drives (ie. C:, , etc.):
[drive]:\recycled\info.exe
- if the file autorun.inf in the root of the drives contains the string info.exe, also delete it.
- note that the files may be hidden; the best option would probably to update your BD and allow it to delete all infected files detected as Win32.Worm.VB.NPM.0