Does anyone in here ever meet with this kind of malware family : W32/Gnurbulf.B ?
This happened at my friend’s office, when he tried to logon then windows doesn’t display anything and look like stuck at initial windows. If we see the task manager from this infected machine, we can find a lot of userinit.exe at machine processing.
Even we tried to access through safemode, this malware try to block user access.
You may see how Norman try to explain (Bahasa) : hxxp://www.vaksin.com/2006/1006/flu_burung_b2.htm
My question is, whether avast can prevent this worm when user plug their removeable disk or into their network LAN?
Signs of an infection with this nasty self-replicating worms are:
Unusual programs appears in the system process list
Downloaded additional malware codes
Compromised files re-creates after manual deletion
Search results being hijacked
Blue error screen and system shutdowns
TrendMicro finds it as WORM_VB.AVH alias: W32/Generic.e,
I find this specific ThreatExpert analysis: http://www.threatexpert.com/report.aspx?md5=2aca735fbca306421acd7a29c9409f4c
Malware on spreading site now closed or dead…