I just got this from a co-workers computer. I've run it against 4 virus scanners I have around (after running each one's definition update) and nothing recognized it. It really looks like W32.HLLW.Moega http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.moega.html But Symantec says it should catch it, which it doesn't. It looks like the thing has been on his machine for about a month, and he's on an open cable connection (Symantec mentions a trojan in moega) so I would like to know what the payload is. It's a larger file than what Symantec has listed for moega also. Anybody seen it, or have a scanner that recognizes it? D R E A M W R I G H T S T U D I O S Dreamwright.com - Web Design, Graphic Design, & Custom Software Programming 704-548-8653 office/fax 1-866-47-MY-WEB PO Box 480188 Charlotte, NC 28269
Attachment:
wupdated.zip
Description: Zip compressed data
Attachment:
smime.p7s
Description: S/MIME cryptographic signature