a new version of reader_s.exe appeared. SAV 9.0 detected somehing wrong with ndis, but can't kill it properly. upon reboot, the virus will come back. MS security essentials detected something wrong, but can't kill it properly either.
my fav malware scanner finnaly killed it in safe mode. anti-byte malware can't seem to kill it in normal mode.
reader_s.exe comes in the email (DHL). it plant itself in c:\documen~settings\username and c:\windows\system32, also an isq?????.exe is planted in user's startup directory.
it is very slow to kill on a Lenovo 2007 model notebook R61 wuth only 504MB ram.
Tuesday, December 8, 2009
reader_s.exe and SAV 9.0
Labels:
DHL,
lenovo X300,
malwarebyte,
MS security essentials,
reader_s.exe,
SAV 9,
trojan,
virus
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment