Please help some virus send viruses using smtp :huh::blink:
Here is atach
[ATTACH]106313[/ATTACH]:smile:
Printable View
Please help some virus send viruses using smtp :huh::blink:
Here is atach
[ATTACH]106313[/ATTACH]:smile:
1.how do you know it ?
2. Please execute this script:
[code]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('c:\program files\5ci\icafe client v1.0\icclie.exe','');
QuarantineFile('C:\WINDOWS\system32\ntsim.sys','');
QuarantineFile('c:\documents and settings\useric\useric.exe','');
BC_ImportAll;
BC_Activate;
RebootWindows(true);
end.[/code]
it will just copy some files, please find the quarantine folder in sub folder of avptool,
Zip it with password [B]virus[/B] and send by [url]http://virusinfo.info/upload_virus_eng.php?tid=38353[/url]
i uploaded but IC Client is not virus :)
Here new attach time when sending mails
[ATTACH]106352[/ATTACH]:cool:
Помоги :) то и так уже сервер забанил наш ип за рассылку спама
Please, here in english. In Russian [url]http://virusinfo.info/forumdisplay.php?f=46[/url] :)
useric.exe-Some fresh trojan.
drweb call it Trojan.DownLoad.28430, vba32( heuristic detection: BScope.Trojan.Inject.Gen)
here the script for curing: (remember, before execution: disconnect form internet, disable system restore and disable your antivirus)
[code]
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\documents and settings\useric\useric.exe');
DeleteFile('c:\documents and settings\useric\useric.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
[/code]
Please clean temp folders.
you can also can scan with latest cureit in safe mode and make a new log in avptool :)