Worm.Zimuse.A & B


4 replies to this topic

#1 Daisuke

Posted 25 January 2010 - 03:35 PM

New blended worm in the wild!

ESET: Win32/Zimuse.A is a type of threat that overwrites MBR (Master Boot Record) of all available drives with its own data, making the data stored on the user’s computer inaccessible. Moreover, the restoration of the corrupted data is complicated, requiring specialized software or a provider. [...] Presently, the greatest number of infected computers is in the United States, followed by Slovakia, Thailand and Spain, followed with Italy, Czech Republic and other European countries. [...] The worm uses two ways to spread – either via embedding in legitimate websites, in the form of a self-unpacking ZIP file or as an IQ test program, or via Exchangeable media, such as USB devices.

BitDefender: ... this malicious piece is extremely dangerous; unlike average worms, it would lead to severe data loss as it overwrites the first 50 KB of the Master Boot Record, a key zone of the hard disk drive.

Details:
ESET: Computers Worldwide Targetted by a MBR Worm, removal tool is available: Zimuse Removal Tool.

BitDefender: Malware Alert - Win32.Worm.Zimuse.A - The Hard-Disk Wrecker, Blended formula of virus, rootkit and worm. Result: fatal.

Update your anti-virus. Always back up your important files: docs, pics, movies, bookmarks, emails, email settings, MS Office settings, passwords, etc.
Every day is virus day. Do you know where your recovery CDs are?
Did you create them yet?


#2 alinb

Posted 25 January 2010 - 06:30 PM

Hi there! I saw this worm alert on the Bitdefender blog and said to myself I'll back up my files and I'll never download IQ tests :))) Don't panic, people: update your antivirus software and don't download garbage. I trust my Bitdefender... and I have a 32-bit system :D

#3 Nawtheasta

Posted 26 January 2010 - 12:27 PM

Hi
I remember not that long ago that on the "Am I infected" section MBAM and SAS took care of most everything. Now folks need to use rkill before MBAM, and it seems that is now being defeated. I try to be careful and have my antivirus on auto update along with having SiteAdvisor installed. I have also told my kids don't click anything that doesn't have the SiteAdvisor check mark. I have the feeling, though, that no matter how careful we are it is just a matter of time before some super bug hits.
Also, can someone give the definition of "In the wild" as it is used here?
Best Regards
Nawtheasta

#4 Daisuke

Posted 26 January 2010 - 02:25 PM

Also, can someone give the definition of "In the wild" as it is used here?


Hi Nawtheasta,

There is an organization called "WildList Organization". It collects monthly reports from anti-virus experts around the world. They produce a list of those viruses currently spreading. A virus that is reported by two or more of the WildList reporters will appear in the top half of the list and is deemed to be "In the Wild".

Worm.Zimuse.A & B were reported by BD, ESET, and by Avira, three serious anti-virus companies. You can assume it is on the list.

#5 Nawtheasta

Posted 26 January 2010 - 03:05 PM

Thanks Daisuke
I have often wondered what determined this classification.
Best Regards
Nawtheasta



