FYI: Avert Labs Dat Release Notification: 4828 Emergency Dat Files Release

J

John Smith

David H. Lipman said:
"The 4828 dat files have been released early due to the
IRC-Mocbot!MS06-040 threat.
The various 4828 dat file packages can be found at
http://www.mcafee.com/apps/downloads/security_updates/dat.asp
Click to expand...

Yes, McAfee removes the executables, but it doesn't fix the registry damage
done by this thing. Do you know what registry keys are modified?

On my win2k box, the administrative share C$ is gone after the infection.
I'm not sure how to get it back, or what other registry mischief may have
been done.
 
D

Dustin

Yes, McAfee removes the executables, but it doesn't fix the registry damage
done by this thing. Do you know what registry keys are modified?

On my win2k box, the administrative share C$ is gone after the infection.
I'm not sure how to get it back, or what other registry mischief may have
been done.
Click to expand...

You could just goto grc.com and grab the letshare, noshare utilities.
letshare should restore it for you.

--
Dustin Cook
Author of BugHunter - MalWare Removal Tool
Version 1.9.2 Released August 15th, 2006
Last Pattern Update: August 15th, 2006
http://bughunter.it-mate.co.uk
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

FYI: Avert Labs Dat Release Notification: 4915 Emergency Dat Files Release 7
FYI: Avert Labs Dat Release Notification: 4997 Emergency Dat Files Release 1
McAfee/AVERT announces dailt DAT file release 18
FYI: AVERT Medium Threat Advisory: W32/Sober.r@MM -- The latest McAfee DAT is v4599 5
McAfee DAT v4585 dat files have been released due to mutliple new variants of Bagle 2
McAfee DAT v4664 dat files have been released early due to new variants of Exploit-WMF 4
AVERT High Threat Alert: W32/IRCBot.worm!MS05-039 1

Top