Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

bat.mumu.a.worm

Status
Not open for further replies.
yimitz

yimitz

Programmer
Apr 5, 2002
54
US
Hi,

I am wondering, I have NAV corp edition running on a win2K OS. If NAV keeps quarantining different virus files but not cleaning them and I've run symantecs FixMumu.exe program on the machine and its report says there are no viruses on the machine and the NAV is constantly scanning, is the machine infected or not? It seems a ntservice.exe file is the culprit but I can't remove it.
 
Sort by date Sort by votes
Howdy:

Try booting into Safe Mode and then delete it..

ntservice.exe is part of the trojan..

ntservice.bat: A malicious batch file that stops the "Application" service, runs ntservice.exe with the -install argument, and then starts the "Application" service.
ntservice.exe: A UPX-packed executable that will create a service described in NTService.ini.
NTService.ini: Service information giving the name as "Application," it will run cmd.exe /c ss.bat.


Murray
 
Upvote 0 Downvote
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top