New Threat Found : 3 new names..

hvhle.exe

xmwdf.exe

zPharaoh.exe

No avast detection…

symptoms not yet discovered…

infects flash drives or any removable disk…

Virus update please… =)

Uh, we need the files to find the virus inside of them.

If you still have the files (if you had them at all), send it to virus@avast.com in zip format.

Easier method:
Send the sample/s to avast as a Undetected Malware:
Open the chest and right click in the Chest and select Add, navigate to where you have the sample and add it to the chest (see image). Once in the chest, right click on the file and select ‘Submit to virus lab…’ complete the form and submit, the file will be uploaded during the next update.

Hi malware fighters,

zPharaoh.exe is known malware: Total number of reports analysed 611,932
Number of cases that involved the file “zpharaoh.exe” 701
Number of incidents when this file was found to be a threat 659
Statistical volume of cases when “zpharaoh.exe” was a threat 94%
zpharaoh.exe is a mischievous and disruptive malware infection that may change security processes in task manager and obstruct your access to msconfig and regedit. Upon installation, zpharaoh.exe may generate corrupt files, inactivate security programs andproduce annoying pop-ups. zpharaoh.exe may gather your personal information and cause sluggish computer performance.Associated threats: documentsample.doc.exe, d4c7cf4d.exe, zpharoh.exe, winword.exe, tazebama.dll, readme.doc.exe

Aliases: W32/Mabezat, Worm.Mabezat.C, Bloodhound.Unknown, W32.Mabezat.B, W32/Mabezat.a, Mal/Sality-Gen, Win32/Mabezat, Worm.Win32.Mabezat, Win32/Mabezat.worm.32768, Virus.Win32.KillFiles.058, Win32/Mabezat.B, W32.Blastclan, Worm.generic!ct, Win32.Malware.gen!92, Win32/Mabezat.A, Worm.Win32.Mabezat.b, Win32.Mabezat.b, W32/Mabezat-B, Virus:Win32/Mabezat.B, Worm.Mabezat.A Re: http://www.sophos.com/security/analyses/viruses-and-spyware/w32waznera.html

Removal of this malware found to reside on pendrives malcode first found in Oman and Saudi Arabia:
[DRIVE]:\zPharaoh.exe Manual Detection

Below are manual removal instructions for [DRIVE]:\zPharaoh.exe so you can remove the unwanted file from your PC. Always be sure to back up your PC before you modify anything.

A. check for [DRIVE]:\zPharaoh.exe .
Step 1: Use Windows File Search Tool to Find [DRIVE]:\zPharaoh.exe Path

  1. Go to Start > Search > All Files or Folders.
  2. In the “All or part of the the file name” section, type in "[DRIVE]:\zPharaoh.exe " file name(s).
  3. To get better results, select “Look in: Local Hard Drives” or “Look in: My Computer” and then click “Search” button.
  4. When Windows finishes your search, hover over the “In Folder” of "[DRIVE]:\zPharaoh.exe ", highlight the file and copy/paste the path into the address bar. Save the file’s path on your clipboard because you’ll need the file path to delete [DRIVE]:\zPharaoh.exe in the following manual removal steps.

Step 2: Use Windows Task Manager to Remove [DRIVE]:\zPharaoh.exe Processes

  1. To open the Windows Task Manager, use the combination of CTRL+ALT+DEL or CTRL+SHIFT+ESC.
  2. Click on the “Image Name” button to search for "[DRIVE]:\zPharaoh.exe " process by name.
  3. Select the "[DRIVE]:\zPharaoh.exe " process and click on the “End Process” button to kill it.

Step 3: Detect and Delete Other [DRIVE]:\zPharaoh.exe Files

  1. To open the Windows Command Prompt, go to Start > Run > cmd and then press the “OK” button.
  2. Type in “dir /A name_of_the_folder” (for example, C:\Spyware-folder), which will display the folder’s content even the hidden files.
  3. To change directory, type in “cd name_of_the_folder”.
  4. Once you have the file you’re looking for type in del “name_of_the_file”.
  5. To delete a file in folder, type in “del name_of_the_file”.
  6. To delete the entire folder, type in “rmdir /S name_of_the_folder”.
  7. Select the "[DRIVE]:\zPharaoh.exe " process and click on the “End Process” button to kill it.,

polonus

yes sir(s)… done that… thanks!
I ran a small cyber cafe here, so Im more prone to new viruses… hahaha Glad I signed up for the forum…

problem with zpharoah, its undetectable… see, i ran a scan and deleted all the contents as much as i could but its still coming back, on a particular flash drive… dunnno why… my pc on the other hand is not infected coz when i inserted a fresh formated FD nothing seems to appear…

O_O really weird…