Cult worm ... undetected by Avast?

Can someone tip me on this?

This is how symantec discribed my problem
c:\WINDOWS\SYSTEM\iexplorer.exe is geïnfecteerd met W32.HLLW.Cult.C@mm

And this is what escan wrote about it
16:24:07 Object: “iexplorer.exe” in path “C:\WINDOWS\SYSTEM”. Status: “Virus (could not be removed)”. Virus “I-Worm.Cult.d”

But neither of them gave any help…
any advise would be most welcome!

You used symantecs online scanner i suppose ?

You can always send the file to Avast for examination. And they will update there database asap.

Or you can try to do a online scanner check with RAV :

http://www.ravantivirus.com/scan/indexie.php

But first try to kill the worm process in taskmanager : iexplorer.exe. pay attention not to kill iexplore.exe. (wich is your browser)

Symantec info about the virus :

http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.cult.c@mm.html

Waldo

Thanks for answering, Mr. Waldo!
i cannot find any iexplorer.exe anywhere.
Hopefully the name is not changed, if that is possible at all.

after several attempts still no file about cult.c found at symantec
maybe later…
Thank you for the reply!

BTW: Avast should be able to delete the Virus in Windows safe mode.

Hi,

ClickME

Info on Cult.C:
Just search for Cult.C here:
http://www.symantec.com/avcenter/vinfodb.html

to find/delete the file on your PC:
you’ll probably have to set your (File-)Explorer to show all files&folders including system&hidden files: settings to be found somewhere in extras or view ->options

:wink:

i found the following:

Navigate to each of the following keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
RunServices
In the right pane, delete the value:

sysconfig iexplorer.exe

hope it works…