C
Cristiano Guglielmetti
Hi all,
my NAV2003 detected and removed W32.Dumaru.Y@mm on XP PRO.
After that I'd verified following the doc:
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]
It still open a question. The worm uses a file (%Windir%\winload.log) as
e-mail address archive to use to forward itself. The Symantec document
doesn't explain what to do with this file after NAV removed the worm.
On others XP PRO with no worms the file does not exist.
R'grds
Cristiano Guglielmetti
http://xoomer.virgilio.it/guglielmetti/
my NAV2003 detected and removed W32.Dumaru.Y@mm on XP PRO.
After that I'd verified following the doc:
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]
It still open a question. The worm uses a file (%Windir%\winload.log) as
e-mail address archive to use to forward itself. The Symantec document
doesn't explain what to do with this file after NAV removed the worm.
On others XP PRO with no worms the file does not exist.
R'grds
Cristiano Guglielmetti
http://xoomer.virgilio.it/guglielmetti/