Virus Alert: Global Hauri Issues Medium Warning for 'SMB Worm' Spreading Through MSN Messenger
Market Wire, September, 2003
Today, Global Hauri assigned a medium risk to Worm.Win32.Smbmsn.163840, which effects the systems win32. The new worm, discovered last night, comes through MSN Messenger as an SMB.EXE file attachment. Once the user accepts this file, the worm will send the SMB. EXE file to all contacts in MSN messenger contact list. If the user actually executes this file, a dos prompt will come up for about a second and then disappear. (See screenshot)
Global Hauri's CEO, Mr. Eric Kwon says, "After infection this virus tries to connect to some porno site and cause network traffic. To the user, it appears to be difficult to log in MSN Messenger. We are currently analyzing this worm for more details. However, when you get a message from MSN messenger 'Sending SMB.EXE file,' do not accept this file."
The worm unzips these files: Under C:\ drive - smb.exe, admagic.exe and test.txt and Under Windows directory - atl.dll, raw32x.dll, sm.dll and uz.exe, and Under Registry: KEY_LOCAL_MACHINE\SOFTWARE\Micorosoft\Windows\CurrentVersion\Run it will register svchost = admagic.exe.
How to Repair:
Go to www.globalhauri.com and download ViRobot latest definitions file of September 26, 2003 to detect/repair (removal of worm file).
How to repair manually
Go to task manager. (Ctrl+alt+del) Select "process tab" Click 'admagic.exe' then click End Process Go to C drive and delete 'smb.exe' and 'admagic.exe' Go to Windows directory and delete 'atl.dll,' 'raw32x.dll,' 'sm.dll' and 'uz.exe' Go to registry (Start - > Run - > type "regedit" - > click ok then go to HKEY_LOCAL_MACHINE\SOFTWARE\Micorosoft\Windows\CurrentVersion\Run and delete svchost = admagic.exe string value.
When you get a message from MSN messenger "Sending SMB.EXE file," do NOT accept this file.
If you would like to speak to Global Hauri executives about the new announcements, or wish to review the Global Hauri ViRobot Expert virus killer software please contact Xenia at xvonwedel@terpin.com
Xenia von Wedel for Global Hauri THE TERPIN GROUP xvonwedel@terpin.com (650) 563- 9130
Most Recent Business Articles
- How do I determine my retainer fee?
- Why fly solo when an executive assistant can accelerate your CLNC® business?
- The CLNC® mentors held the key to my first case and to my CLNC® success
- Atlanta CLNC® 6-day certification seminar photo gallery—plus sign up today for spring 2009 to save $100.00
- Speak to a full-time practicing CLNC® consultant
Most Recent Business Publications
Most Popular Business Articles
- Using object-oriented analysis and design over traditional structured analysis and design
- Big Fish Games Migrates Upstream to Fisher Plaza; High Growth Online Gaming Firm Vaults Fisher Plaza Occupancy Rate Above 90%
- Top of the line: some of the world's most well-respected doctors practice in South Florida. A guide to choosing the best physician specialists - Top Doctors in South Florida
- Sand filter basics: high-rate sand filters can be confusing for those new to the business. Understanding valve modes is the key
- BEHR Paints Introduces a Colorful New Way to Paint and Prime All in One with BEHR Premium Plus Ultra™ Interior
Most Popular Business Publications
Content provided in partnership with http://findarticles.com/source//
Sponsored by Merrill Lynch