SpamThru Trojan detection and removal...??

[hizark21]

SpamThru Trojan detection and removal..??

I have been doing some research on this virus, but there does not seem
to be a good way to detect and remove this virus....??

 

[Virus Guy]

I have been doing some research on this virus, but there does not
seem to be a good way to detect and remove this virus....??

How would you / do you know that "there is no good way to detect and
remove" it?

Do you have an actual example of SpamThru that you've submitted to
Jotti or VirusTotal?

Or do you think you have a machine infected with it? If so, remove
the drive and slave it to a trusted system and scan it that way.

I would assume that most AV vendors are able to detect Spamthru since
(a) it's been "captured" and analyzed and (b) it's been documented to
be very widespread.

Dave - any word about SpamThru being added to AV definition files?

Does MULTI_AV.EXE detect SpamThru?

 

[hizark21]

Here is the latest info I have been able to find:
Sophos can detect and remove the virus
(http://www.sophos.com/virusinfo/analyses/trojspamthrub.html )
(http://www.eweek.com/article2/0,1895,2034680,00.asp )

In depth technical details about the virus
(http://www.secureworks.com/analysis/spamthru/ )

How would you / do you know that "there is no good way to detect and
remove" it?

Do you have an actual example of SpamThru that you've submitted to
Jotti or VirusTotal?

Or do you think you have a machine infected with it? If so, remove
the drive and slave it to a trusted system and scan it that way.

I would assume that most AV vendors are able to detect Spamthru since
(a) it's been "captured" and analyzed and (b) it's been documented to
be very widespread.

Dave - any word about SpamThru being added to AV definition files?

Does MULTI_AV.EXE detect SpamThru?

Not sure