Winmsfw.exe: Anyone seen it recently?

J

Joe

Found on a clients PC... NOD32 was installed and missed it. I
eventually found it with Hijack This and removed it manuallyand with
Prevx. The only apps I found that would even detect it were Prevx and
Trojan Hunter. Now, the problem is, if as Prevx say, it is over a year
old, why is it a fully updated NOD32 missed it, not to mention Trojan
Hunter(found it, but would not remove it), online Trend, Panda,
Spybot? BTW, the client was notified by their ISP, who had received
complaints from other users.
 
D

David H. Lipman

From: "Joe" <[email protected]>

| Found on a clients PC... NOD32 was installed and missed it. I
| eventually found it with Hijack This and removed it manuallyand with
| Prevx. The only apps I found that would even detect it were Prevx and
| Trojan Hunter. Now, the problem is, if as Prevx say, it is over a year
| old, why is it a fully updated NOD32 missed it, not to mention Trojan
| Hunter(found it, but would not remove it), online Trend, Panda,
| Spybot? BTW, the client was notified by their ISP, who had received
| complaints from other users.


Please submit a sample "Winmsfw.exe" to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:[email protected]?subject=SCAN

When you get the report, please post back the exact results.
 
J

John Coutts

Found on a clients PC... NOD32 was installed and missed it. I
eventually found it with Hijack This and removed it manuallyand with
Prevx. The only apps I found that would even detect it were Prevx and
Trojan Hunter. Now, the problem is, if as Prevx say, it is over a year
old, why is it a fully updated NOD32 missed it, not to mention Trojan
Hunter(found it, but would not remove it), online Trend, Panda,
Spybot? BTW, the client was notified by their ISP, who had received
complaints from other users.
Click to expand...
*********** REPLY SEPARATER *************
I'm confused. According to Prevx Web site, this virus was first seen Jun 2
2006. I was about to say that some AV programs detect variants as an older
virus, especially those using heuristics, but a quick search on the Web
indicates that this is relatively new. Sophos has had protection available
since June 16,2006.

J.A. Coutts
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows defender 3
Undetectable Spyware 4
False positive? 5
Patches for Zero-Day Vulnerability ineffective? 12
Zeus/Zbot source code leaked on net: Does it go by other names - likeBifrost? 6
res://C:\WINDOWS\System32\shdoclc.dll/navcancl.htm 3
Followup re AntiVirus Scanners; Nod32, Kaspersky, etc 15
Is MKS-Vir 2005 better than Kaspesky? 5

Top