I've got an attack from this virus. I don't know how, because my Windows box was up-to-date.
Apparently, there is no information about this virus on the Net.
The network layer is broken sometimes, and the only to repair, is to replace the netbt.sys, tcpip.sys with a good copy. The next step is to reset the network card with the following command : netsh int ip reset c:\lognetsh.txt.
The Symantec definitions from the 8 january detects this malicious process. Apparently Symantec 9 is not infected by this virus, only the 10 version.
The virus tries to connect to mert.prizmanet.com:8080
FAQ I True Mart data leak
6 years ago
No comments:
Post a Comment